HP StorageWorks 4/8 Brocade Fabric OS Command Reference Manual - Supporting Fa - Page 589
Download an Issuing CA certificate., Import a certificate on to the switch. Use this for the following
View all HP StorageWorks 4/8 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 589 highlights
secCertUtil 2 genkey Generates a public/private key pair. This is the first step for setting up third-party certificates. The key length can be either 1,024 or 2,048 bits long. The greater the length of the key, the more secure is the connection; however, the performance goes down. The keys are generated only after deleting existing CSR and all other certificates. gencsr Generates a new CSR for the switch. This is second step for setting up third-party certificates in the switch. To generate a CSR, the admin must answer a series of questions prompted by this option. Once all questions are answered, a CSR is generated and placed in a file named ip_address.csr, where the ip_address is the IP address of the switch. delcsr Deletes the CSR in the switch. showcsr Displays the contents of the CSR in the switch without page breaks. Use pipe operator followed by "more" option to display the contents of the CSR in the switch page breaks. show Displays a list of all certificates in the switch. show certificate name Displays the contents of the specified certificate. delete certificate name Deletes the specified certificate. export Exports a CSR to a host. This is typically used to submit the CSR to a CA who in turn issues a certificate. import [-config cacert] | [-config swcert [-enable https]] Import a certificate on to the switch. Use this for the following: Download a certificate issued by a CA after sending the CSR to the CA. Download an Issuing CA certificate. Set imported certificate with -config option. Specifying cacert sets the CA certificate file name in configuration and specifying swcert sets switch certificate file name in configuration. Enable secure protocols with -enable option. This option can be used only with -config swcert. Examples To generate a public/private key pair: switch:admin> seccertutil genkey Generating a new key pair will automatically do the following: 1. Delete all existing CSRs. 2. Delete all existing certificates. 3. Reset the certificate filename to none. 4. Disable secure protocols. Continue (yes, y, no, n): [no] y Select key size [1024 or 2048]: Generating new rsa public/private key pair Done. To generate a CSR: switch:admin> seccertutil gencsr Country Name (2 letter code, eg, US): State or Province Name (full name, eg, California): Fabric OS Command Reference Manual 557 53-1000436-01