HP Brocade 8/12c Fabric OS Encryption Administrator's Guide - Page 163
Enabling the encryption engine, Checking encryption engine status
View all HP Brocade 8/12c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 163 highlights
Enabling the encryption engine 3 MasterKey ID: 1a:e6:e4:26:6b:f3:81:f7:d8:eb:cc:0f:09:7a:a4:7e Exported Key ID: 1a:e6:e4:26:6b:f3:81:f7:d8:eb:cc:0f:09:7a:a4:80 Example: Recovering a master key using master key ID from the second master key export cryptocfg --recovermasterkey currentMK -keyID 15:30:f0:f3:5c:2b:28:ce:cc:a7:b4:cd:7d:2a:91:fc Enter passphrase: Recover master key status: Operation Succeeded. Enabling the encryption engine Enable the encryption engine by entering the cryptocfg --enableEE command. Provide a slot number if the encryption engine is a blade. NOTE Every time a Brocade Encryption Switch or DCX or DCX-4S chassis containing one or more FS8-18 blade goes through power cycle event, or after issuing slotpoweroff followed by slotpoweron for an FS8-18 blade in DCX or DCX-4S Chassis, the encryption engine must be enabled manually by the Security Administrator. Hosts cannot access the storage LUNs through the storage paths exposed on this Brocade Encryption Switch or FS8-18 blade until the encryption engine is enabled. The encryption engine state can viewed using the cryptocfg --show -localEE command, or by displaying switch or blade properties from DFCM. An encryption engine that is not enabled indicates Waiting for Enable EE. SecurityAdmin:switch>cryptocfg --enableEE Operation succeeded. Checking encryption engine status You can verify the encryption engine status at any point in the setup process and get information about the next required configuration steps or to troubleshoot an encryption engine that behaves in unexpected ways. Use the cryptocfg --show -localEE command to check the encryption engine status. SecurityAdmin:switch>cryptocfg --show -localEE EE Slot: 0 SP state: Waiting for initEE EE key status not available: SP TLS connection is not up. No HA cluster membership EE Slot: 1 SP state: Online Current Master KeyID: a3:d7:57:c7:54:66:65:05:61:7a:35:2c:59:af:a5:dc Alternate Master KeyID: e9:e4:3a:f8:bc:4e:75:44:81:35:b8:90:d0:1f:6f:4d HA Cluster Membership: hacDcx2 EE Attributes: Media Type : DISK EE Slot: 3 SP state: Online Fabric OS Encryption Administrator's Guide 143 53-1002159-03