HP Brocade 8/12c Fabric OS Encryption Administrator's Guide - Page 53
Copying the local CA certificate for a clustered SKM or ESKM appliance
View all HP Brocade 8/12c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 53 highlights
Steps for connecting to an SKM or ESKM appliance 2 To create a cluster, perform the following steps on one of the HP SKM/ESKM appliances that is to be a member of the cluster. 1. From the SKM/ESKM management console, click the Device tab. 2. In the Device Configuration menu, click Cluster. The Create Cluster section displays. 3. Select and note the Local IP address. You will need this address when you add an appliance to the cluster. 4. For Local Port, use the default value of 9001 unless you are explicitly directed to use a different value for your site. 5. Type the cluster password in the Create Cluster section of the main window to create the new cluster. 6. Click Create. 7. In the Cluster Settings section of the window, click Download Cluster Key and save the key to a convenient location, such as your computer's desktop. The cluster key is a text file and is only required temporarily. It may be deleted from your computer's desktop after all SKM/ESKM appliances have been added to the cluster. Copying the local CA certificate for a clustered SKM or ESKM appliance Before adding an SKM/ESKM appliance to a cluster, you must obtain the local CA certificate from the original SKM/ESKM or from an SKM/ESKM that is already in the cluster. 1. Select the Security tab. 2. Select Local CAs under Certificates & CAs. 3. Select the name of the local CA from the Local Certificate Authority list. The CA Certificate Information is displayed. 4. Copy the certificate request, beginning with ---BEGIN CERTIFICATE REQUEST--- and ending with ---END CERTIFICATE REQUEST---. Be careful not to include any extra characters. Adding SKM or ESKM appliances to the cluster If you are adding an appliance to an existing cluster, select the Cluster Settings section of the window, click Download Cluster Key and save the key to a convenient location, such as your computer's desktop. To add SKM/ESKM appliances to the cluster you are creating, you will need the original cluster member's local IP address and port number, and the location of the cluster key you downloaded, as specified in "Creating an SKM or ESKM High Availability cluster" on page 32. Perform the following steps on each SKM/ESKM appliance you want to add to the cluster. 1. Open a new browser window, keeping the browser window from Copying the Local CA certificate open. 2. In the new browser window, log into the management console of the SKM/ESKM appliance that is being added to the cluster, then click the Security tab. 3. In the Certificates & CAs menu, click Known CAs. Fabric OS Encryption Administrator's Guide 33 53-1002159-03