Brocade Fabric OS Command Reference Manual Supporting Fabric OS v6.3.0 (53-1001337-01, July 2009)

ManualsBrandsHP ManualsStorageBrocade 8/24c Power Pack+ SAN Switch for BladeSystem c-Class

191

192

193

194

195

196

197

198

199

200

Fabric OS Command Reference 167

53-1001337-01

cryptoCfg

A. Node configuration

To initialize a node and generate certificates (output shows what is generated and where it is

stored):

SecurityAdmin:switch>cryptocfg --initnode

This will overwrite all identification and authentication data

ARE YOU SURE (yes, y, no, n): [no] y

Notify SPM of Node Cfg

Operation succeeded.

To initialize an encryption engine:

SecurityAdmin:switch>cryptocfg --initEE

This will overwrite previously generated identification

and authentication data

ARE YOU SURE (yes, y, no, n): y

Operation succeeded.

To register an encryption engine with the CP or chassis:

SecurityAdmin:switch>cryptocfg -regEE

Operation succeeded.

To enable an encryption engine:

SecurityAdmin:switch> cryptocfg --enableEE

Operation succeeded.

To disable an encryption engine:

SecurityAdmin:switch> cryptocfg --disableEE

Operation succeeded.

To export a KAC certificate from the group leader to an external host:

SecurityAdmin:switch>cryptocfg --export -scp -KACcert 192.168.38.245 mylogin kac_lkm_cert.pem

Password:

Operation succeeded.

To export a KAC certificate from the group leader to an attached USB device:

SecurityAdmin:switch>cryptocfg --export -usb -KACcert kac_lkm_cert.pem

Password:

Operation succeeded.

To import a member CP certificate to the group leader:

SecurityAdmin:switch>cryptocfg --import -scp enc1_cpcert.pem 192.168.38.245 mylogin

/temp/certs/enc_switch1_cpcert.pem

Password:

To register a member node with the group leader:

SecurityAdmin:switch>cryptocfg --reg -membernode 10:00:00:05:1e:39:14:00 enc_switch1_cert.pem

10.32.244.60

Operation succeeded.