Dell PowerStore 1000T EMC PowerStore Security Configuration Guide - Page 13

Certificates, Viewing certificates

Get Dell PowerStore 1000T PDF manuals and user guides View all Dell PowerStore 1000T manuals
Add to My Manuals
Save this manual to your list of manuals

Page 13 highlights

Certificates Data in the certificate store of PowerStore is persistent. The certificate store stores the following types of certificates: • Certificate Authority (CA) certificates • Client certificates • Server certificates Viewing certificates About this task The following information appears in PowerStore Manager for each certificate that is stored on the appliance: • Service • Type • Scope • Issued by • Valid • Valid to • Issued to NOTE: Use the REST API or CLI to view additional certificate information. To view the certificate information, do the following: Steps 1. Launch the PowerStore Manager. 2. Click Settings and under Security click Certificates. Information about the certificates stored on the appliance appears. 3. To view the chain of certificates that comprise a certificate and associated information for a service, click the specific service. View Certificate Chain appears and lists information about the chain of certificates that comprise the certificate. Secure communication between PowerStore appliances within a cluster During cluster creation, the primary node of the cluster master appliance creates a certificate authority (CA) certificate, also known as the cluster CA. The master appliance passes the cluster CA certificate to the appliances joining the cluster. Each PowerStore appliance in a cluster generates its own unique IPsec certificate which is signed by the cluster CA certificate. The sensitive data that PowerStore appliances transmit over their cluster network are protected by IPsec and TLS so that the security and integrity of the data is preserved. Secure communication for replication and data import PowerStore's certificate and credential infrastructure allows the exchange of server and client certificates, and user credentials. This process includes: • Retrieving and validating server certificate during TLS handshake • Adding the trusted CA certificate from the remote system to the credential store • Adding the trusted server/client certificate to the credential store • Assisting in establishing secure connections once the trust is established PowerStore supports the following certificate management functionality: Authentication and access 13

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
Certificates
Data in the certificate store of PowerStore is persistent. The certificate store stores the following types of certificates:
Certificate Authority (CA) certificates
Client certificates
Server certificates
Viewing certificates
About this task
The following information appears in PowerStore Manager for each certificate that is stored on the appliance:
Service
Type
Scope
Issued by
Valid
Valid to
Issued to
NOTE:
Use the REST API or CLI to view additional certificate information.
To view the certificate information, do the following:
Steps
1.
Launch the PowerStore Manager.
2.
Click
Settings
and under
Security
click
Certificates
.
Information about the certificates stored on the appliance appears.
3.
To view the chain of certificates that comprise a certificate and associated information for a service, click the specific service.
View Certificate Chain
appears and lists information about the chain of certificates that comprise the certificate.
Secure communication between PowerStore
appliances within a cluster
During cluster creation, the primary node of the cluster master appliance creates a certificate authority (CA) certificate, also known as the
cluster CA. The master appliance passes the cluster CA certificate to the appliances joining the cluster.
Each PowerStore appliance in a cluster generates its own unique IPsec certificate which is signed by the cluster CA certificate. The
sensitive data that PowerStore appliances transmit over their cluster network are protected by IPsec and TLS so that the security and
integrity of the data is preserved.
Secure communication for replication and data
import
PowerStore's certificate and credential infrastructure allows the exchange of server and client certificates, and user credentials. This
process includes:
Retrieving and validating server certificate during TLS handshake
Adding the trusted CA certificate from the remote system to the credential store
Adding the trusted server/client certificate to the credential store
Assisting in establishing secure connections once the trust is established
PowerStore supports the following certificate management functionality:
Authentication and access
13