Connectivity Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048-ON

831

832

833

834

835

836

837

838

839

840

| Installed FIPS certificates |

--------------------------------------

OS10# show crypto cert DellHost.pem

------------ Non FIPS certificate -----------------

Certificate:

Data:

Version: 3 (0x2)

Serial Number: 245 (0xf5)

Signature Algorithm: sha256WithRSAEncryption

Issuer: emailAddress = admin@dell.com

Validity

Not Before: Feb 11 20:10:12 2019 GMT

Not After : Feb 11 20:10:12 2020 GMT

Subject: emailAddress = admin@dell.com

Subject Public Key Info:

Public Key Algorithm: rsaEncryption

Public-Key: (1024 bit)

Modulus:

00:c7:12:ca:a8:d6:d2:1c:ab:66:9a:d1:db:50:5a:

b5:8a:e4:53:9d:f6:b4:fc:cd:f4:b9:46:8a:03:86:

be:0b:50:51:c7:25:76:9f:ff:b4:f9:f8:d9:6f:5d:

53:52:0c:4d:05:ed:31:23:79:44:5c:d7:62:01:9d:

41:e8:ff:3a:b0:35:0c:22:d7:ef:df:05:9a:28:6b:

95:10:8e:bc:c6:62:3a:82:30:0f:4f:4e:19:17:48:

f1:bd:1e:0c:4f:54:03:42:f3:a7:de:22:40:3d:5e:

6b:b2:8e:23:17:53:ef:10:d9:ae:1d:1f:d6:e4:ae:

25:9f:d9:39:60:5c:49:b0:ad

Exponent: 65537 (0x10001)

X509v3 extensions:

X509v3 Subject Key Identifier:

DA:39:A3:EE:5E:6B:4B:0D:32:55:BF:EF:95:60:18:90:AF:D8:07:09

X509v3 Subject Alternative Name:

DNS:dell.domain.com

Signature Algorithm: sha256WithRSAEncryption

b8:83:ae:34:bb:84:e6:b4:a3:fd:77:20:67:15:3f:02:76:ca:

f6:74:d4:d2:36:0e:58:8c:96:13:c2:85:8a:df:ba:c0:d9:c8:

Security proles

To use independent sets of security credentials for dierent OS10 applications, you can congure multiple security proles and assign them

to OS10 applications. A security prole consists of a certicate and private key pair.

For example, you can maintain dierent security proles for RADIUS over TLS authentication and SmartFabric services. Using dierent

security proles allows you to upgrade one application without interrupting the operation of the other one. Assign a security prole to an

application when you congure the prole.

When you install a certicate-key pair, both take the name of the certicate. For example, if you install a certicate using:

OS10# crypto cert install cert-file home://Dell_host1.pem key-file home://abcd.key

The certicate-key pair is installed as Dell_host1.pem and Dell_host1.key. In conguration commands, refer to the pair as

Dell_host1. When you congure a security prole, you would enter Dell_host1 in the certificate certificate-name

command.

Congure security prole

1 Create an application-specic security prole in CONFIGURATION mode.

crypto security-profile profile-name

2 Assign a certicate and private key pair to the security prole in SECURITY-PROFILE mode. For certificate-name, enter the

name of the certicate-key pair as it appears in the show crypto certs output without the .pem extension.

certificate certificate-name

exit

836

Security