HP Brocade 8/12c Fabric OS Encryption Administrator's Guide - Page 45
Encryption node initialization and certificate generation
View all HP Brocade 8/12c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 45 highlights
Encryption node initialization and certificate generation 2 3. Enter the link IP address and mask, and the gateway IP address. 4. Click OK. The Blade Processor Link dialog box can also be launched from the following locations: - Select an encryption group from the Encryption Center Devices table, then select Group > HA Clusters from the menu task bar, or right-click a group and select HA Clusters. The Properties dialog box displays with the HA Clusters tab selected. Select a device from the Non-HA Encryption Engines table, then click Configure Blade Processor Link. - Select a group, switch, or engine from the Encryption Center Devices table, then select Group/Switch/Engine > Targets from the menu task bar, or right-click a group, switch, or engine and select Targets. Select a container from the Encryption Targets table, click LUNs, then click Configure Blade Processor Link. Encryption node initialization and certificate generation When an encryption node is initialized, the following security parameters and certificates are generated: • FIPS crypto officer • FIPS user • Node CP certificate • A signed Key Authentication Center (KAC) certificate • A KAC Certificate Signing Request (CSR) From the standpoint of external SAN management application operations, the FIPS crypto officer, FIPS user, and node CP certificates are transparent to users. The KAC certificates are required for operations with key managers. In most cases, KAC certificate signing requests must be sent to a Certificate Authority (CA) for signing to provide authentication before the certificate can be used. In all cases, signed KACs must be present on each switch. Encryption nodes are initialized by the Configure Switch Encryption wizard when you confirm a configuration. Encryption nodes may also be initialized from the Encryption Center dialog box. 1. Select a switch from the Encryption Center Devices table, then select Switch > Init Node from the menu task bar, or right-click a switch and select Init Node. A warning displays. Fabric OS Encryption Administrator's Guide 25 53-1002159-03