HP Cisco MDS 9120 Cisco MDS 9000 Family Storage Media Encryption Configuration - Page 257
Create the new server key. This is the owner. The common name must be different from the issuer home.
View all HP Cisco MDS 9120 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 257 highlights
Appendix D RSA Key Manager and Cisco SME Generating CA Certificates Send documentation comments to [email protected] OpenSSL> req -new -key client.key -out client.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []:cae Common Name (eg, YOUR name) []: Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: Step 7 Set the duration the certificate will be valid. Keep track of this date. OpenSSL> x509 -req -days 365 -in client.csr -CA rt.cert -CAkey rt.key -CAcreateserial -out client.cert Loading 'screen' into random state - done Signature ok subject=/C=AU/ST=wi/L=hudson/O=cisco/OU=cae/CN=mikef/[email protected] Getting CA Private Key Step 8 Create the pkcs12 certificate. OpenSSL> pkcs12 -export -in client.cert -inkey client.key -out client.p12 Loading 'screen' into random state - done Enter Export Password: Verifying - Enter Export Password: OpenSSL> genrsa -out server.key 1024 Loading 'screen' into random state - done Generating RSA private key, 1024 bit long modulus e is 65537 (0x10001) Step 9 Create the new server key. This is the owner. The common name must be different from the issuer home. OpenSSL> req -new -key server.key -out server.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. -Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []: Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: OL-18091-01, Cisco MDS NX-OS Release 4.x Cisco MDS 9000 Family Storage Media Encryption Configuration Guide D-3