HP 8/40 Brocade Fabric OS Command Reference v6.3.0 (53-1001337-01, July 2009) - Page 169
Key Vault Type: LKM, RKM, SKM, or NCKA, Type: LKM
View all HP 8/40 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 169 highlights
cryptoCfg 2 With the exception of the --help and --show commands, all group configuration functions must be performed from the designated group leader. The encryption switch or blade on which you create the encryption group becomes the designated group leader. The group leader distributes all relevant configuration data to the member nodes in the encryption group. The groupCfg commands include three display options that show group configuration, runtime status, and group member information. Refer to the Appendix of the Fabric OS Encryption Administrator's Guide for a more comprehensive explanation of system states. Use --show -groupcfg to display encryption group and member configuration parameters, including the following: • Encryption group name: user-defined label • Encryption group policies: - Failback mode: Auto or Manual - Heartbeat misses: numeric value - Heartbeat timeout: value in seconds - Key Vault Type: LKM, RKM, SKM, or NCKA - System Card: Disabled or Enabled • For each configured key vault, primary and secondary, the command shows: - IP address: he key vault IP address - Certificate ID: the key vault certificate name - State: connected, disconnected, up, authentication failure, or unknown. - Type: LKM, RKM, SKM, or NCKA If an SKM key vault is configured in HA mode, no connection information is displayed because the system is unable to detect the connection status of an SKM appliance in an HA configuration. • Quorum information includes: - Authentication Quorum Size: 0 (disabled), 1- 5 (enabled). - Authentication Cards: Certificate ID /label or "not configured". • Node list display includes: - Total number of defined nodes: numeric value - Group leader node name: Node WWN - Encryption group state: CONVERGED = Encryption group formed successfully. CONVERGING = Encryption group partially formed, member nodes may still be in discovery process. DEGRADED = Nodes lost connection with the group. • For each node in the encryption group, the following information is displayed: - Node name: the node WWN - IP address: the node IP address - Role: GroupLeader or MemberNode Use --show groupmember to display encryption group member information for one or all member nodes. Depending on the key vault configuration, the command displays master key information (RKM) or link key information (LKM). • Node List (displayed only with the --all option) - Total number of defined nodes: numeric value Fabric OS Command Reference 139 53-1001337-01