Creating a self-signed certificate for tklm, Importing the fabric os encryption node kac, Certificates to tklm – Brocade Network Advisor SAN User Manual v12.3.0 User Manual

Page 793

Advertising
background image

Brocade Network Advisor SAN User Manual

741

53-1003154-01

Steps for connecting to a TKLM appliance

20

3. Click Add on the Devices table menu task bar, which adds the entry to the table.

4. Under Device Serial Number, enter the serial number that is displayed for each node that you

are adding to the device group.

Creating a self-signed certificate for TKLM

You must create a self-signed certificate for TKLM that can be downloaded to the Fabric OS
encryption engines to verify the authenticity of TKLM.

1. Select Tivoli Key Lifecycle Manager > Configuration.

The Configuration page displays.

2. Select Create self-signed certificate.

3. Under Certificate label in key store, enter a certificate label.

4. Under Certificate description (common name), enter a descriptive name.

5. Under Validity period of new certificate, enter the desired life time for the certificate.

6. Select Tivoli Key Lifecycle Manager > Advanced Configuration > Server Certificates to verify

that the certificate label is listed on Administer Server Certificates under Certificates.

7. Reboot the TKLM server.

Importing the Fabric OS encryption node KAC certificates to TKLM

The KAC certificates previously exported from the Fabric OS encryption nodes to an external LINUX
host must now be imported into the TKLM server file system. You must import the KAC certificate
in .der format. To do this, refer to

“Converting the KAC certificate format”

on page 740.

1. Import the KAC certificate from the external host into the TKLM server file system using a

binary file transfer mechanism using FTP, USB, or SCP.

2. Select Tivoli Key Lifecycle Manager > Advanced Configuration > Client Certificates.

The Client Certificates page displays.

3. Select Import > SSL Certificate.

The Import SSL Certificates for Clients page displays.

4. Enter the Fabric OS KAC certificate name in the Certificate field.

5. Under File name and location, enter or browse to the location where the imported KAC

certificate is stored, then select Trust.

6. Click Import.

7. Verify that the imported certificate is valid and active.

Advertising
Popular Brands
Popular manuals