Command Reference Guide
178 Fabric OS Command Reference
53-1002746-01
cryptoCfg
2
diag
Runs diagnostic tests including retrieval, archival and synchronization of the tests
in the key vault cluster.
EXAMPLES To initialize a node and generate certificates (output shows what is generated and where it is stored):
SecurityAdmin:switch> cryptocfg --initnode
This will overwrite all identification and authentication data
ARE YOU SURE (yes, y, no, n): [no] y
Notify SPM of Node Cfg
Operation succeeded.
To initialize an encryption engine:
SecurityAdmin:switch> cryptocfg --initEE
This will overwrite previously generated identification
and authentication data
ARE YOU SURE (yes, y, no, n): y
Operation succeeded.
To register an encryption engine with the CP or chassis:
SecurityAdmin:switch> cryptocfg -regEE
Operation succeeded.
To enable an encryption engine:
SecurityAdmin:switch> cryptocfg --enableEE
Operation succeeded.
To disable an encryption engine:
SecurityAdmin:switch> cryptocfg --disableEE
Operation succeeded.
To export a KAC certificate from the group leader to an external host:
SecurityAdmin:switch> cryptocfg --export -scp -KACcert \
192.168.38.245 mylogin kac_lkm_cert.pem
Password: ******
Operation succeeded.
To export a KAC certificate from the group leader to an attached USB device:
SecurityAdmin:switch> cryptocfg --export -usb \
-KACcert kac_lkm_cert.pem
Password:******
Operation succeeded.
To import a member CP certificate to the group leader:
SecurityAdmin:switch> cryptocfg --import \
-scp enc1_cpcert.pem 192.168.38.245 mylogin \
/temp/certs/enc_switch1_cpcert.pem
Password: