Brocade Network Advisor SAN User Manual v11.1x (53-1002167-01, May 2011)

ManualsBrandsHP ManualsSoftwareHP B-series SAN Network Advisor Software

491

492

493

494

495

496

497

498

499

500

Brocade Network Advisor SAN User Manual 453

53-1002167-01

Steps for connecting to an SKM appliance

The SKM management web console can be accessed from any web browser with Internet access to

the SKM appliance. The URL for the appliance is as follows:

https://<appliance hostname>:<appliance port number>

Where:

- <appliance hostname> is the hostname or IP address when installing the SKM appliance.

- <appliance port number> is 9443 by default. If a different port number was specified

when installing the SKM appliance, use that port number.

The following configuration steps are performed from the SKM management web console and from

the Management application:

• Configure a Brocade group on the SKM.

• Register the Brocade group user name and password on the encryption node.

• Set up a local CA on the SKM.

• Download the CA certificate.

• Create and install an SKM server certificate.

• Enable an SSL connection.

• Configure a cluster of SKM appliances for high availability.

• Export and sign the encryption node certificate signing requests.

• Import the signed certificates into the encryption node.

These steps are described in more detail in the following sections:

• “Configuring a Brocade group on SKM” on page 453

• “Registering the SKM Brocade group user name and password” on page 454

• “Setting up the local Certificate Authority (CA) on SKM” on page 455

• “Downloading the local CA certificate from SKM” on page 457

• “Creating and installing the SKM server certificate” on page 457

• “Enabling SSL on the Key Management System (KMS) Server” on page 458

• “Creating an SKM High Availability cluster” on page 459

• “Copying the local CA certificate for a clustered SKM appliance” on page 459

• “Adding SKM appliances to the cluster” on page 460

• “Signing the Brocade encryption node KAC certificates” on page 461

• “Importing a signed KAC certificate into a switch” on page 461

Configuring a Brocade group on SKM

A Brocade group is configured on SKM for all keys created by Brocade encryption switches and

blades. This needs to be done only once for each key vault.

1. Log in to the SKM management web console using the admin password.

2. Select the Security tab.