HP AM866A Brocade Fabric OS Command Reference Manual v6.2.0 (53-1001186-01, Ap - Page 147
SCP protocol. When, Imports a certificate from a specified external host or from a mounted USB
UPC - 884420064602
View all HP AM866A manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 147 highlights
cryptoCfg 2 host_file_path Specifies the fully qualified path to the file on the host to which the file is to be exported. This includes the file name. Make sure to name your certificates so you can track the file type and the originator switch, for example, name_cpcert.pem. -usb Exports a specified certificate to a mounted USB storage device. When -usb is specified, the following operands are required: dest_filename Specifies the name of the file on the USB device to which the file is to be exported. The file is stored in a predetermined default directory on the storage device. Specify one of the following certificates to be exported. Certificates must be specified by file type. Referring to certificates by file name is not permitted. These file types are valid both with the -scp and with the -usb options. -currentMK Exports the current master key file. -KACcert Exports the KAC certificate. -KACcsr Exports the certificate sign request file. Use cryptocfg -reg -KACcert to register the certificate on the node after it has been signed and re-imported. This procedure must be performed for all nodes that participate in a two-way certificate exchange-based authentication mechanism with key vaults. Fabric OS v6.2.0 supports two-way certificate exchange only for the HP SKM key vault. -CPcert Exports the member node CP certificate. --import Imports a certificate from a specified external host or from a mounted USB storage device to a predetermined directory on the local encryption switch or blade. This command is valid on all nodes. Files to be imported include member node CP certificates and key vault certificates. Use the cryptocfg --show -file -all command to view all imported files. The following operands are supported with the --import command: -scp Imports a specified certificate from an external host using the secure copy (SCP) protocol. When -scp is specified, the following operands are required: local_name Specifies the name to be assigned to the imported certificate. This is a user-generated file name. host_IP | host_name Specifies the IP address or name of the host from which to import the file. To specify the host by name, it must first be configured with dnsconfig. host_username Specifies the user name for the host. Depending on your host configuration, this command may prompt for a password. host_file_path Specifies the fully qualified path of the file to be imported. The path must include the file name. -usb Imports a file from a mounted USB storage device. This command is valid only on nodes that have an attached USB device. When -usb is specified, the following operands are required: Fabric OS Command Reference 119 53-1001186-01