HP StorageWorks 2/16V Brocade Secure Fabric OS Administrator's Guide (53-10002 - Page 28

Removing PKI Objects, To remove PKI objects in unsecured mode

Page 28 highlights

4. Type the pkiShow command. If the switch is a two-domain SilkWorm 24000, enter this command on both logical switches.

    switch:admin> pkishow
    Passphrase      : Exist
    Private Key     : Exist
    CSR             : Exist
    Certificate     : Empty
    Root Certificate: Exist

   The command displays the status of the PKI objects.

5. Repeat for any other switches, as required.

Removing PKI Objects

You cannot delete PKI objects in secure mode. If they are deleted when secure mode is disabled, secure mode cannot be re-enabled until they are generated. If any PKI objects are missing, all the PKI objects should be deleted using the pkiRemove command and then regenerated using the pkiCreate command or by rebooting the switch (any missing PKI objects, except the digital certificate, are automatically regenerated when the switch is rebooted). If the digital certificate is deleted, it must be reinstalled on the switch according to the instructions provided in "Distributing Digital Certificates to the Switches" on page 2-13.

For Fabric OS v3.2.0, use configRemove to remove all the PKI objects, type configUpload, and then fastboot the switch. After the switch reboots, all PKI objects are available except for the certificate.

To remove PKI objects in unsecured mode

    switch:admin> pkiremove
    WARNING!!!
    Removing Pki objects will impair the security functionality
    of this fibre channel switch. If you want secure mode enabled,
    you will need to get the switch certificate again.
    About to remove Pki objects.
    ARE YOU SURE (yes, y, no, n): [no] y
    All PKI objects removed.

If run in secure mode, the following error message is displayed:

    switch:admin> pkiremove
    This Switch is in secure mode.
    Removing Pki objects is not allowed. Exiting...

2-6 Secure Fabric OS Administrator's Guide
Publication Number: 53-1000244-01
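For auditing several switches, the check in step 4 and the recovery rules above can be applied to saved pkishow captures. The following is an added example, not part of the guide or of Fabric OS: the function names are hypothetical, the sample capture is constructed from the transcript on this page, and treating a missing certificate alone as a reinstall case is this example's reading of the text.

```python
import re

# Object names and the "Exist"/"Empty" states come from the pkishow output on this page.
PKI_OBJECTS = ("Passphrase", "Private Key", "CSR", "Certificate", "Root Certificate")
LINE_RE = re.compile(r"^\s*(?P<name>[A-Za-z ]+?)\s*:\s*(?P<state>\S+)\s*$")

# Constructed sample: a saved capture matching the transcript in the guide.
SAMPLE = """switch:admin> pkishow
Passphrase      : Exist
Private Key     : Exist
CSR             : Exist
Certificate     : Empty
Root Certificate: Exist
"""

def parse_pkishow(text):
    """Return {object name: state}; objects absent from the capture stay 'Unknown'."""
    states = {name: "Unknown" for name in PKI_OBJECTS}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group("name") in states:  # prompt lines and unrelated text are skipped
            states[m.group("name")] = m.group("state")
    return states

def assess(text):
    """Map a pkishow capture to the recovery path the guide describes."""
    states = parse_pkishow(text)
    # Anything not reported as "Exist" (Empty, Unknown, truncated capture) counts as missing.
    missing = [n for n in PKI_OBJECTS if states[n] != "Exist"]
    if not missing:
        action = "none: all PKI objects exist"
    elif missing == ["Certificate"]:
        action = ("install the switch certificate "
                  "(see 'Distributing Digital Certificates to the Switches')")
    else:
        action = ("pkiRemove (secure mode must be disabled), then pkiCreate or reboot, "
                  "then reinstall the certificate")
    # Per the guide, secure mode cannot be re-enabled until the objects are generated.
    return {"missing": missing, "secure_mode_ready": not missing, "action": action}

if __name__ == "__main__":
    print(assess(SAMPLE))
```

A capture that lacks one of the five lines is reported as missing that object rather than passing silently, so a truncated log does not read as a healthy switch.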

