Uploading the ca certificate onto, The dpm appliance (and first-time configurations) – Brocade Fabric OS Encryption Administrator’s Guide Supporting RSA Data Protection Manager (DPM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 158

Advertising
background image

138

Fabric OS Encryption Administrator’s Guide (DPM)

53-1002922-01

Steps for connecting to a DPM appliance

3

Uploading the CA certificate onto the DPM appliance (and first-time
configurations)

Install the signing authority certificate (CA certificate) on the DPM appliance.

1. Start a web browser and connect to the DPM appliance setup page. You will need the URL, and

have the proper authority level, a user name, and a password.

2. Select the Operations tab.

3. Select Certificate Upload.

4. In the SSLCAcertificateFile field, enter the full local path of the CA certificate. Do not use the

UNC naming convention format.

5. Select Upload, Configure SSL, and Restart Webserver.

6. After the web server restarts, enter the root password.

7. Open another web browser window, and start the RSA management user interface.

You will need the URL, and have the proper authority level, a user name, and a password.

NOTE

The Identity Group name used in the next step might not exist in a freshly installed DPM. To
establish an Identity Group name, click the Identity Group tab and create a name. The name
Hardware Retail Group is used as an example in the following steps.

8. Select the Key Classes tab. For each of the following key classes, perform step a through

step h to create the class. The key classes must be created only once, regardless of the
number of nodes in your encryption group and regardless of the number of encryption groups
that will be sharing this DPM.

kcn.1998-01.com.brocade:DEK_AES_256_XTS

kcn.1998-01.com.brocade:DEK_AES_256_CCM

kcn.1998-01.com.brocade:DEK_AES_256_GCM

kcn.1998-01.com.brocade:DEK_AES_256_ECB

a. Click Create.

b. Enter the key name string into the Name field.

c. Select Hardware Retail Group for Identity Group.

d. Deselect Activated Keys Have Duration.

e. Select AES for Algorithm.

f.

Select 256 for Key Size.

g. Select the Mode for the respective key classes as follows:

XTS for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_XTS"

CBC for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_CCM"

CBC for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_GCM"

ECB for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_ECB"

h. Click Next.

Advertising
Popular Brands
Popular manuals