HP StorageWorks 2/16V Brocade Secure Fabric OS Administrator's Guide (53-10002 - Page 30

Using the PKICert Utility to Obtain CSR, To obtain the CSR file for the fabric

Get HP StorageWorks 2/16V - SAN Switch PDF manuals and user guides View all HP StorageWorks 2/16V manuals
Add to My Manuals
Save this manual to your list of manuals

Page 30 highlights

2 2-8 Using the PKICert Utility to Obtain CSR The PKICert utility makes it possible to retrieve certificate signing requests (CSRs) from all the switches in the fabric and save them into a CSR file in XML format. PKICert also allows the user to create license reports, and it provides online help. (CSRs and PKI digital certificates also are used in Fabric OS v4.4.0, v5.0.1, v5.1.0, and v5.2.0 with SSL certificates. The utility to retrieve certificates, the CSRs themselves, and the digital certificates for these two uses are different. See the Fabric OS Administrator's Guide for information on SSL.) Note If this procedure is interrupted by a switch reboot, the CSR file is not generated and the procedure must be repeated. The examples in the guide are PC-specific. The PKICert utility can be used only in nonsecure mode to generate or install certificates. While performing the certificate request process using PKICert, the switch name should not contain spaces. If the switch name contains spaces, the CSR is rejected by the Brocade web site. In Fabric OS v4.4.x, v5.0.1, v5.1.0, and v5.2.0, PKIcert installs only one certificate on a single-domain chassis. Previous Fabric OS versions install two certificates. To obtain the CSR file for the fabric 1. On a PC, double-click pkicert.exe. The PKICert utility prompts for the events log file name. 2. Type a file name for the events log and press Enter, or just press Enter to accept the default. The log file is automatically created in the same directory as pkicert.exe. PKI CERTIFICATE INSTALLATION UTILITY pki_v1.0.6 All events and errors will be recorded in an event/error log file. If the file already exists, new event/error information will be appended to it. Enter a log file name [or just press Enter to accept the default]. [pki_events.log] => pki_events_fabric1.log The utility prompts for the desired function. 3. Type 1 to select CSR retrieval and press Enter. PKI CERTIFICATE INSTALLATION UTILITY pki_v1.0.6 FUNCTIONS 1) Retrieve CSRs from switches & write a CSR file 2) Install Certificates contained in a Certificate file 3) Generate a Licensed-Product/Installed-Certificates report 4) Help using PKI-Cert to get & install certificates q) Quit PKI Certificate installation utility Enter choice> 1 The utility prompts for the method of specifying fabric addresses. Secure Fabric OS Administrator's Guide Publication Number: 53-1000244-01

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
2-8
Secure Fabric OS Administrator’s Guide
Publication Number: 53-1000244-01
2
Using the PKICert Utility to Obtain CSR
The PKICert utility makes it possible to retrieve certificate signing requests (CSRs) from all the
switches in the fabric and save them into a CSR file in XML format. PKICert also allows the user to
create license reports, and it provides online help. (CSRs and PKI digital certificates also are used in
Fabric OS v4.4.0, v5.0.1, v5.1.0, and v5.2.0 with SSL certificates. The utility to retrieve certificates, the
CSRs themselves, and the digital certificates for these two uses are different. See the
Fabric OS
Administrator’s Guide
for information on SSL.)
To obtain the CSR file for the fabric
1.
On a PC, double-click
pkicert.exe
.
The PKICert utility prompts for the events log file name.
2.
Type a file name for the events log and press
Enter
, or just press
Enter
to accept the default.
The log file is automatically created in the same directory as
pkicert.exe
.
The utility prompts for the desired function.
3.
Type
1
to select CSR retrieval and press
Enter
.
The utility prompts for the method of specifying fabric addresses.
Note
If this procedure is interrupted by a switch reboot, the CSR file is not generated and the procedure must
be repeated. The examples in the guide are PC-specific.
The PKICert utility can be used only in nonsecure mode to generate or install certificates.
While performing the certificate request process using PKICert, the switch name should not contain
spaces. If the switch name contains spaces, the CSR is rejected by the Brocade web site.
In Fabric OS v4.4.x, v5.0.1, v5.1.0, and v5.2.0, PKIcert installs only one certificate on a single-domain
chassis. Previous Fabric OS versions install two certificates.
PKI CERTIFICATE INSTALLATION UTILITY pki_v1.0.6
All events and errors will be recorded in an event/error log file.
If the file already exists, new event/error information will be
appended to it.
Enter a log file name [or just press Enter to accept the default].
[pki_events.log] =>
pki_events_fabric1.log
PKI CERTIFICATE INSTALLATION UTILITY pki_v1.0.6
FUNCTIONS
1)
Retrieve CSRs from switches & write a CSR file
2)
Install Certificates contained in a Certificate file
3)
Generate a Licensed-Product/Installed-Certificates report
4)
Help using PKI-Cert to get & install certificates
q)
Quit PKI Certificate installation utility
Enter choice>
1