Brocade Fabric OS Encryption Administrator’s Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments (Supporting Fabric OS v7.1.0) User Manual

Fabric OS Encryption Administrator’s Guide (KMIP)

171

53-1002747-02

Re-exporting a master key

3

e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:9a
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:9b
Operation succeeded.

The exported key ID is displayed with the master key ID, as shown in the examples to follow:

Example: Initial master key export

SecurityAdmin:switch> cryptocfg --exportmasterkey
Enter passphrase:

Confirm passphrase:

Master key exported.
MasterKey ID: 1a:e6:e4:26:6b:f3:81:f7:d8:eb:cc:0f:09:7a:a4:7e
Exported Key ID: 1a:e6:e4:26:6b:f3:81:f7:d8:eb:cc:0f:09:7a:a4:7e

Example: Subsequent master key exports

SecurityAdmin:switch> cryptocfg --exportmasterkey
Enter passphrase:

Confirm passphrase:

Master key exported.
MasterKey ID: 1a:e6:e4:26:6b:f3:81:f7:d8:eb:cc:0f:09:7a:a4:7e
Exported Key ID: 1a:e6:e4:26:6b:f3:81:f7:d8:eb:cc:0f:09:7a:a4:7f

SecurityAdmin:switch> cryptocfg --exportmasterkey

Enter passphrase:

Confirm passphrase:

Master key exported.
MasterKey ID: 1a:e6:e4:26:6b:f3:81:f7:d8:eb:cc:0f:09:7a:a4:7e
Exported Key ID: 1a:e6:e4:26:6b:f3:81:f7:d8:eb:cc:0f:09:7a:a4:80

Example: Recovering a master key using master key ID from the second master key export

SecurityAdmin:switch> cryptocfg --recovermasterkey currentMK -keyID
15:30:f0:f3:5c:2b:28:ce:cc:a7:b4:cd:7d:2a:91:fc

Enter passphrase:
Recover master key status: Operation Succeeded.