HP StorageWorks 4/64 Brocade Fabric OS Command Reference v6.3.0 (53-1001337-01 - Page 172
Specifies the HP Secure Key Manager SKM opaque key repository.
View all HP StorageWorks 4/64 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 172 highlights
2 cryptoCfg cert_label Specifies the key vault certificate label. This operand is required when removing the registration for a key vault. --reg -KACcert Registers the signed node certificate. After being exported and signed by the external signing authority, the signed node certificate must be imported back into the node and registered for a successful two-way certificate exchange with the key vault. This command is valid only on the group leader. Registration functions need to be invoked on all the nodes in a DEK cluster for their respective signed node certificates. The following operands are required: signed_certfile Specifies the name of the signed node certificate to be re-imported. primary | secondary Specifies the signing key vault as primary or secondary. This operand is valid only with the NCKA key vault, which requires the CSR to be signed by the primary or secondary vault. If both primary and secondary vaults are configured, this command must be run once for the primary and once for secondary key vault from every node. --set -keyvault value Sets the key vault type. This command is valid only on the group leader. Specifies the key vault type. The default is set to no value. This operand is required. Valid values for -keyvault are: LKM Specifies the NetApp LKM appliance (trusted key vault). RKM Specifies the RSA Key Manager (RKM) (opaque key repository). SKM Specifies the HP Secure Key Manager (SKM) (opaque key repository). NCKA Specifies the Thales nCipher key management appliance (opaque key repository). --set -failbackmode Sets the failback mode parameter. This parameter is set on the group leader. Valid values for failback mode are: auto Enables automatic failback. In this mode, failback occurs automatically within an HA cluster when an encryption switch or blade that failed earlier has been restored or replaced. Automatic failback mode is enabled by default. manual Enables manual failback. In this mode, failback must be initiated manually after an encryption switch or blade that failed earlier has been restored or replaced. --set -hbmisses value Sets the number of heartbeat misses allowed in a node that is part of an encryption group before the node is declared unreachable. This value is set in conjunction with the time-out value. It must be configured at the group leader node and is distributed to all member nodes in the encryption group. The following operand is required: Specifies the number of heartbeat misses. The default value is 3. The range is 1-15 in integer increments only. --set -hbtimeout Sets the time-out value for the heartbeat. This parameter must be configured at the group leader node and is distributed to all member nodes in the encryption group. The following operand is required: 142 Fabric OS Command Reference 53-1001337-01