HP StorageWorks 2/16V Brocade Secure Fabric OS Administrator's Guide (53-10002 - Page 49

tsClockServer, pkiShow, Verifying or Activating Secure Fabric OS and Advanced Zoning Licenses

Get HP StorageWorks 2/16V - SAN Switch PDF manuals and user guides View all HP StorageWorks 2/16V manuals
Add to My Manuals
Save this manual to your list of manuals

Page 49 highlights

2 5. If the logical switches are in separate fabrics, synchronize the fabrics by connecting them to a common external network time protocol (NTP) server. Note If the fabric contains any switches running Fabric OS v4.4.0, v5.0.1, v5.1.0, or v5.2.0 the server must support a full NTP client. For switches running Fabric OS v3.2.0, the server can be SNTP or NTP. a. Open a telnet or SSH session to either of the logical switches. b. Type tsClockServer "IP address of NTP server". c. The IP address can be verified by reentering the command with no operand, which displays the current setting. d. Repeat for the other logical switch. SW24000switch0:admin> tsclockserver "132.163.135.131" SW24000switch0:admin> tsclockserver 132.163.135.131 SW24000switch1:admin> tsclockserver "132.163.135.131" SW24000switch1:admin> tsclockserver 132.163.135.131 6. Ensure that both logical switches have a Secure Fabric OS license activated, as described in "Verifying or Activating Secure Fabric OS and Advanced Zoning Licenses" on page 2-3. Note Only one license key is required to enable the same feature on both logical switches. 7. Ensure that both logical switches have an Advanced Zoning license activated, as described in "Verifying or Activating Secure Fabric OS and Advanced Zoning Licenses" on page 2-3. 8. If the firmware was upgraded, perform the following steps: a. Download and install the PKICert utility on the PC workstation, if not preinstalled, as described in "Removing PKI Objects" on page 2-6. b. Use the PKICert utility to create a file containing the CSRs of all the switches in the fabric, as described in "Using the PKICert Utility to Obtain CSR" on page 2-8. c. Obtain digital certificates from the switch supplier, as described in "Obtaining the Digital Certificate File" on page 2-7. d. Use the PKICert utility to load the certificates onto both logical switches, as described in "Distributing Digital Certificates to the Switches" on page 2-13. e. Verify that the digital certificates are installed on both logical switches, as described in "Verifying the Digital Certificate" on page 2-4. The pkiShow command referenced in this procedure must be executed from both logical switches. Secure Fabric OS Administrator's Guide Publication Number: 53-1000244-01 2-27

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
Secure Fabric OS Administrator’s Guide
2-27
Publication Number: 53-1000244-01
2
5.
If the logical switches are in separate fabrics, synchronize the fabrics by connecting them to a
common external network time protocol (NTP) server.
a.
Open a telnet or SSH session to either of the logical switches.
b.
Type
tsClockServer “
IP address of NTP server
.
c.
The IP address can be verified by reentering the command with no operand, which displays the
current setting.
d.
Repeat for the other logical switch.
6.
Ensure that both logical switches have a Secure Fabric OS license activated, as described in
“Verifying or Activating Secure Fabric OS and Advanced Zoning Licenses”
on page 2-3.
7.
Ensure that both logical switches have an Advanced Zoning license activated, as described in
“Verifying or Activating Secure Fabric OS and Advanced Zoning Licenses”
on page 2-3.
8.
If the firmware was upgraded, perform the following steps:
a.
Download and install the PKICert utility on the PC workstation, if not preinstalled, as
described in
“Removing PKI Objects”
on page 2-6.
b.
Use the PKICert utility to create a file containing the CSRs of all the switches in the fabric, as
described in
“Using the PKICert Utility to Obtain CSR”
on page 2-8.
c.
Obtain digital certificates from the switch supplier, as described in
“Obtaining the Digital
Certificate File”
on page 2-7.
d.
Use the PKICert utility to load the certificates onto both logical switches, as described in
“Distributing Digital Certificates to the Switches”
on page 2-13.
e.
Verify that the digital certificates are installed on both logical switches, as described in
“Verifying the Digital Certificate”
on page 2-4.
The
pkiShow
command referenced in this procedure must be executed from both logical switches.
Note
If the fabric contains any switches running Fabric OS v4.4.0, v5.0.1, v5.1.0, or v5.2.0 the
server must support a full NTP client. For switches running Fabric OS v3.2.0, the server
can be SNTP or NTP.
SW24000switch0:admin>
tsclockserver "132.163.135.131"
SW24000switch0:admin>
tsclockserver
132.163.135.131
SW24000switch1:admin>
tsclockserver "132.163.135.131"
SW24000switch1:admin>
tsclockserver
132.163.135.131
Note
Only one license key is required to enable the same feature on both logical switches.