beautypg.com

Creating a master password for export of ssl keys, Deleting certificate and key files – Brocade Virtual ADX Security Guide (Supporting ADX v03.1.00) User Manual

Page 124

background image

112

Brocade Virtual ADX Security Guide

53-1003250-01

Configuring SSL on a Brocade Virtual ADX

6

After transferring the file, it can be used both as a key and a certificate. To add the certificate file
and keys to the profile, use the following commands:

Virtual ADX(config-ssl-profile-mysslprofile)#keypair-file mypkcsfile

Virtual ADX(config-ssl-profile-mysslprofile)#certificate-file mypkcsfile

The show ssl cert command can be used to display a pkcs file. The show ssl key command does not
display a pkcs file, but it does contain a keypair.

Creating a master password for export of SSL keys

You can create a master password that grants permission to export all SSL keys on a Brocade
Virtual ADX using SCP copy. This password is used with the scp key-pair-file-name
user@SI_IP_Addr: sslkeypair:filename-on-SI:password: format command. If a master password is
not configured, a separate password associated with each key must be used.

To define a master password for the export of SSL keys, use the following command.

Virtual ADX#ssl set export-master-pswd exportpw

Syntax: ssl set export-master-pswd password

The password variable specifies the master password for export of SSL keys. It can be from 1 to 24
characters in length.

To disable a master password for export of SSL keys, use the following command.

Virtual ADX#ssl clear export-master-pswd exportpw

Syntax: ssl clear export-master-pswd password

The password variable specifies the master password for export of SSL keys that you want to
remove.

Use the following command to display whether a master password is in effect.

Syntax: show ssl key *

Deleting certificate and key files

You can use the following commands to delete a specified certificate or key file as shown.

Virtual ADX#ssl clear certfile certfile-name

Syntax: ssl clear certfile certfile-name

The certfile-name variable specifies the certificate that you want to delete.

Virtual ADX#ssl clear keyfile keyfile-name

Syntax: ssl clear certfile keyfile-name

The keyfile-name variable specifies the key that you want to delete.

Virtual ADX#show ssl key *

master-password enable

ssl key files:

1 : key-test

2 : key1

3 : keyz

4 : keyc

5 : key7

See also other documents in the category Brocade Computer Accessories: