Fabric OS Encryption Administrator's Guide
242 Fabric OS Encryption Administrator’s Guide
53-1002159-03
BES removal and replacement
6
b. Issue commit.
cryptocfg --commit
30. Check the encryption group state to ensure that the entire encryption group is in the converged
and In Sync state:
cryptocfg --show -groupcfg
Single Node EG Replacement
1. Upload the configuration stored on the Brocade Encryption Switch you are replacing using the
FOS configupload command.
2. Power off the Brocade Encryption Switch.
3. Remove the Mgmt Link, IO links and FC cables from Brocade Encryption Switch making note of
where each was attached so that the replacement Brocade Encryption Switch can be cabled
properly.
4. Power on the new Brocade Encryption Switch. Note that the FC cables have not yet been
plugged in.
5. Set the IP address for the new Brocade Encryption Switch using the ipaddrset command both
for mgmt and IO link. Check that the switchname and domain ID associated with the
replacement switch match that of the original.
6. Recreate the encryption group with the same name as before:
cryptocfg --create -encgroup <EG Name>
7. Download the configuration from the previous uploaded configuration.
8. Zeroize the new Brocade Encryption Switch.
cryptocfg --zeroizeEE
The Brocade Encryption Switch reboots automatically.
9. If system card authentication was enabled, you must re-register the system card through the
Management application client for the new encryption engine.
10. Initialize the new Brocade Encryption Switch node using following command:
cryptocfg --initnode
11. Initialize the new encryption engine.
cryptocfg --initEE [slotnumber]
12. Register the new encryption engine.
cryptocfg --regEE [slotnumber]
13. Enable the new encryption engine.
cryptocfg --enableEE [slotnumber]