Data Center Fabric Manager Enterprise User Manual v10.3.X (53-1001357-01, November 2009)
DCFM Enterprise User Manual 621
53-1001357-01
Uploading the KAC and CA certificates onto the RKM appliance
A
8. Select the Key Classes tab. For each of the following key classes, perform steps a. through h. to
create the class. The key classes must be created only once, regardless of the number of
nodes in your encryption group and regardless of the number of encryption groups that will be
sharing this RKM.
kcn.1998-01.com.brocade:DEK_AES_256_XTS
kcn.1998-01.com.brocade:DEK_AES_256_CCM
kcn.1998-01.com.brocade:DEK_AES_256_GCM
kcn.1998-01.com.brocade:DEK_AES_256_ECB
a. Click Create.
b. Type the key name string into the Name field.
c. Select Hardware Retail Group for Identity Group.
d. Deselect Activated Keys Have Duration.
e. Select AES for Algorithm.
f. Select 256 for Key Size.
g. Select the Mode for the respective key classes as follows:
XTS for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_XTS"
CBC for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_CCM"
CBC for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_GCM"
ECB for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_ECB"
h. Click Next.
i. Repeat a. through h. for each key class.
j. Click Finish.
9. For each node, create an identity as follows.
a. Select the Identities tab.
b. Click Create.
c. Enter a label for the node in the Name field. This is a user-defined identifier.
d. Select the Hardware Retail Group in the Identity Groups field.
e. Select the Operational User role in the Authorization field.
f. Click Browse and select the imported certificate <name>_kac_cert.pem> as the Identity
certificate.
g. Click Save.