beautypg.com

Dell POWEREDGE M1000E User Manual

Page 206

background image

178

Fabric OS Command Reference

53-1002746-01

cryptoCfg

2

diag

Runs diagnostic tests including retrieval, archival and synchronization of the tests
in the key vault cluster.

EXAMPLES

To initialize a node and generate certificates (output shows what is generated and where it is stored):

SecurityAdmin:switch> cryptocfg --initnode
This will overwrite all identification and authentication data
ARE YOU SURE (yes, y, no, n): [no] y

Notify SPM of Node Cfg
Operation succeeded.

To initialize an encryption engine:

SecurityAdmin:switch> cryptocfg --initEE
This will overwrite previously generated identification
and authentication data
ARE YOU SURE (yes, y, no, n): y
Operation succeeded.

To register an encryption engine with the CP or chassis:

SecurityAdmin:switch> cryptocfg -regEE
Operation succeeded.

To enable an encryption engine:

SecurityAdmin:switch> cryptocfg --enableEE
Operation succeeded.

To disable an encryption engine:

SecurityAdmin:switch> cryptocfg --disableEE
Operation succeeded.

To export a KAC certificate from the group leader to an external host:

SecurityAdmin:switch> cryptocfg --export -scp -KACcert \
192.168.38.245 mylogin kac_lkm_cert.pem
Password: ******
Operation succeeded.

To export a KAC certificate from the group leader to an attached USB device:

SecurityAdmin:switch> cryptocfg --export -usb \
-KACcert kac_lkm_cert.pem
Password:******
Operation succeeded.

To import a member CP certificate to the group leader:

SecurityAdmin:switch> cryptocfg --import \
-scp enc1_cpcert.pem 192.168.38.245 mylogin \
/temp/certs/enc_switch1_cpcert.pem
Password: