Brocade Secure Fabric OS Administrator's Guide (53-1000244-01, November 2006)

4. Type the pkiShow command. If the switch is a two-domain SilkWorm 24000, enter this command
on both logical switches.
The command displays the status of the PKI objects.
5. Repeat for any other switches, as required.
Removing PKI Objects
You cannot delete PKI objects in secure mode. If they are deleted when secure mode is disabled, secure
mode cannot be re-enabled until they are generated. If any PKI objects are missing, all the PKI objects
should be deleted using the pkiRemove command and then regenerated using the pkiCreate command
or by rebooting the switch (any missing PKI objects, except the digital certificate, are automatically
regenerated when the switch is rebooted). If the digital certificate is deleted, it must be reinstalled on the
switch according to the instructions provided in “Distributing Digital Certificates to the Switches” on
page 2-13.
For Fabric OS v3.2.0, use configRemove to remove all the PKI objects, type configUpload, and then
fastboot the switch. After the switch reboots, all PKI objects are available except for the certificate.
To remove PKI objects in unsecured mode
switch:admin> pkishow
Passphrase : Exist
Private Key : Exist
CSR : Exist
Certificate : Empty
Root Certificate: Exist
switch:admin> pkiremove
WARNING!!!
Removing Pki objects will impair the security functionality
of this fibre channel switch. If you want secure mode enabled,
you will need to get the switch certificate again.
About to remove Pki objects.
ARE YOU SURE (yes, y, no, n): [no] y
All PKI objects removed.

If run in secure mode, the following error message is displayed:

switch:admin> pkiremove
This Switch is in secure mode.
Removing Pki objects is not allowed. Exiting...
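
When many switches have to be checked before secure mode is enabled, the rules in "Removing PKI Objects" can be applied to captured pkishow output. The following is an added example, not part of the Brocade guide: the function names and the two constructed captures are hypothetical, and it assumes that any status other than "Exist" means the object is missing and that a lone empty Certificate only needs the certificate installed.

```python
import re

# Object names and the "Exist"/"Empty" values are taken from the pkishow output on this page.
PKI_OBJECTS = ("Passphrase", "Private Key", "CSR", "Certificate", "Root Certificate")
LINE_RE = re.compile(r"^\s*([A-Za-z ]+?)\s*:\s*(\S+)\s*$")

# First capture is the session shown on this page; the other two are constructed.
CAPTURES = {
    "page_sample": """switch:admin> pkishow
Passphrase : Exist
Private Key : Exist
CSR : Exist
Certificate : Empty
Root Certificate: Exist""",
    "constructed_damaged": """Passphrase : Exist
Private Key : Empty
CSR : Exist
Certificate : Empty
Root Certificate: Exist""",
    "constructed_truncated": "Passphrase : Exist\nPrivate Key : Exist",
}


def parse_pkishow(text):
    """Return {object name: status} for the PKI object lines in pkishow output."""
    status = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group(1) in PKI_OBJECTS:  # skips prompts and other text
            status[m.group(1)] = m.group(2)
    return status


def assess(status):
    """Return (next step, objects concerned) following the guide's rules."""
    absent = [o for o in PKI_OBJECTS if o not in status]
    if absent:
        return "recapture-output", absent  # incomplete capture, decide nothing
    missing = [o for o in PKI_OBJECTS if status[o] != "Exist"]  # assumption: non-"Exist" means missing
    if not missing:
        return "complete", []
    if missing == ["Certificate"]:
        return "install-certificate", missing  # assumption: only the certificate needs reinstalling
    return "pkiremove-then-pkicreate-or-reboot", missing  # certificate must be reinstalled afterwards


if __name__ == "__main__":
    for name, text in CAPTURES.items():
        print(name, *assess(parse_pkishow(text)))
```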