Signing the encryption node kac csr on kmip, Signing the, Encryption node kac csr on kmip – Brocade Network Advisor SAN User Manual v12.3.0 User Manual

Page 806: Figure 302

Advertising
background image

754

Brocade Network Advisor SAN User Manual

53-1003154-01

Steps for connecting to a KMIP-compliant SafeNet KeySecure

20

FIGURE 302

Key Vault Credentials dialog box

The dialog box contains the following information:

Primary Key Vault: Primary Key Vault is preselected. KMIP key vaults are clustered, so only
one set of credentials is needed.

Secondary Key Vault: (TEKA key vault only). Shown as inactive.

User Name: Enter a user name for the group leader.

User Group Name: Displays the selected User Group Name.

Password: Enter a password for the group leader.

Re-type Password: Re-enter the password for verification.

3. Enter the Brocade user name and password, then re-enter the password for verification.

4. Click OK.

Signing the encryption node KAC CSR on KMIP

The KAC certificate signing request generated when the encryption node is initialized must be
exported for each encryption node and signed by the Brocade local CA on KMIP. The signed
certificate must then be imported back into the encryption node.

1. Select Configure > Encryption from the menu task bar to display the The Encryption Center

dialog box. (Refer to

Figure 266

on page 694.)

2. Select a switch from the Encryption Center Devices table, then select Switch > Export

Certificate, from the menu task bar.

The Export Switch Certificate dialog box displays.

3. Select Public Key Certificate Request (CSR), then click OK.

You are prompted to save the CSR, which can be saved to your SAN Management Program
client PC, or an external host of your choosing.

Alternatively, you may select a switch, then select Switch > Properties. Click the Export button
beside the Public Key Certificate Request, or copy the CSR for pasting into the Certificate
Request Copy area on the KMIP Sign Certificate Request page.

4. Launch the KMIP administration console in a web browser and log in.

5. From the KeySecure Management Console, select the Security tab, then select CAs & SSL

Certificates > Local CAs.

Advertising
Popular Brands
Popular manuals