beautypg.com

Dell POWEREDGE M1000E User Manual

Page 211

background image

Fabric OS Command Reference

183

53-1002746-01

cryptoCfg

2

Additional diagnostic key vault information to facilitate troubleshooting of connectivity "Additional
Primary Key Vault Information" and "Additional Secondary Key Vault Information" is displayed
separately. For the SKM and DPM there is just one section "Additional Key Vault/Cluster
Information"):

-

Key Vault/CA Certificate Validity: Yes or No

-

Port for Key Vault Connection: numeric identifier

-

Time of Day on Key Server: time stamp or N/A

-

Server SDK Version: revision number or N/A

Diagnostic information for the encryption node (key vault client):

-

Node KAC Certificate Validity: Yes (valid) or No (invalid)

-

Time of Day on the Switch: time stamp

-

Client SDK Version: SDK revision number

-

Client Username: node login name for key vault

-

Client Usergroup: user group

-

Connection Timeout: time in seconds

-

Response Timeout: time in seconds

-

Connection Idle Timeout: time in seconds

-

Status message indicating success/readiness for key operations or, if there is a problem,
displays a diagnostic message. For example, if the username on the switch has changed, but
the key owner is still the old username, key operations will not be permitted.

Quorum information includes the following parameters:

-

Authentication Quorum Size: 0 (disabled), 1- 5 (enabled).

-

Authentication Cards: Certificate ID /label or "not configured".

Node list display includes the following parameters:

-

Total number of defined nodes: numeric value

-

Group leader node name: Node WWN

-

Encryption group state: CONVERGED = Encryption group formed successfully. CONVERGING
= Encryption group partially formed, member nodes may still be in discovery process.
DEGRADED = Nodes lost connection with the group.

For each node in the encryption group, the following information is displayed:

-

Node name: the node WWN

-

IP address: the node IP address

-

Role: GroupLeader or MemberNode

Use the --show groupmember command to display encryption group member information for one or all
member nodes. Depending on the key vault configuration, the command displays master key information
(DPM) or link key information (LKM).

Node List (displayed only with the --all option)

-

Total number of defined nodes: numeric value

-

Group leader node name: the node WWN

-

Encryption group state: CONVERGED = Encryption group formed successfully. CONVERGING
= Encryption group partially formed, member nodes may still be in discovery process.
DEGRADED = Nodes lost connection with the group.

For each node, the display includes the following parameters:

-

Node Name: the node WWN

-

State: DISCOVERED = The node is part of the encryption group. DISCOVERING = The node is
in the process of discovery.

-

Role: GroupLeader or MemberNode