Exporting the tklm self-signed server certificate, Exporting the tklm, Self-signed server certificate – Brocade Network Advisor SAN + IP User Manual v12.1.0 User Manual

900

Brocade Network Advisor SAN + IP User Manual

53-1002949-01

Steps for connecting to a TKLM appliance

25

6. Click Import.

7. Verify that the imported certificate is valid and active.

Exporting the TKLM self-signed server certificate

The TKLM self-signed server certificate must be exported in preparation for importing and
registering the certificate on a Fabric OS encryption Group Leader node.

1. Enter the TKLM server wsadmin CLI.

For Linux (in ./wsadmin.sh):

<installed directory>/IBM/tivoli/tiptklmV2/bin/wsadmin.sh -username TKLMAdmin

-password <password> -lang jython

For Windows:

<installed directory>\ibm\tivoli\tiptklmV2\bin\wsadmin.bat -username

TKLMAdmin -password <password> -lang jython

2. Check the certificate list using the following command:

print AdminTask.tklmCertList('[]')

The listing will contain the UUID for all certificates. Use the UUID of the server certificate to
export the server certificate from the database to the file system.

print AdminTask.tklmCertExport('[

-uuid <UUID of the certificate>

-fileName <filename> -format DER]')

3. Exit the wsadmin CLI

After export, the TKLM server certificate is at the following location:

For LINUX:

<installed directory>/ibm/tivoli/tiptklmV2/products/tklm/

For Windows:

<installed directory>\ibm\tivoli\tiptklmV2\products\tklm\

4. Transfer the TKLM certificate that was previously exported into the TKLM server file system to

the Management application host using any binary file transfer mechanism via SCP, USB, or
FTP.