Manualshelf

HP StorageWorks Fabric OS 6.x administrator guide (5697-7344, March 2008)

ManualsBrandsHP ManualsStorageHP DC04 SAN Director Switch
919293949596979899100
90 Configuring standard security features
It may take several days to receive the certificates. If the certificates arrive by e-mail, save them to an
FTP server. If the CA provides access to the certificates on an FTP server, make note of the path name
and make sure you have a login name and password on the server.
Installing a switch certificate
Perform this procedure on each switch.
1. Connect to the switch and log in as admin.
2. Enter this command:
switch:admin> seccertutil import
3. Select a protocol, enter the IP address of the host on which the switch certificate is saved, and enter
your login name and password:
Select protocol [ftp or scp]: ftp
Enter IP address:
192.10.11.12
Enter remote directory: path_to_remote_directory
Enter certificate name (must have ".crt" suffix):
192.1.2.3.crt
Enter Login Name: your_account
Enter Password: *****
Success: imported certificate [192.1.2.3.crt].
To use this certificate, run the configure command to activate it. The certificate is downloaded to the
switch.
Activating a switch certificate
1. Enter the configure command
2. When the ssl attributes comes up, type y
3. Respond to the prompts that apply to SSL certificates:
For example:
Configure...
System services (yes, y, no, n): [no]
ssl attributes (yes, y, no, n): [no]
yes
Certificate File. (filename or none): [10.33.13.182.crt]
192.1.2.3.crt
CA Certificate File. (filename or none): [none]
Select length of crypto key.
(Valid values are 40, 56, and 128.): (40..128) [128]
http attributes (yes, y, no, n): [no]
yes
HTTP Enabled (yes, y, no, n): [yes]
no
Secure HTTP Enabled (yes, y, no, n): [no]
yes
After you exit the configure command, the HTTP daemon restarts automatically to handle HTTPS
requests.
SSL attributes Enter y or yes.
Certificate File Enter the name of the switch certificate file: for example,
192.1.2.3.crt.
CA Certificate File If you want the CA name to be displayed in the browser
window, enter the name of the CA certificate file; otherwise, skip
this prompt.
Select length of crypto key Enter the encryption key length (40, 56, or 128).
HTTP attributes Enter yes.
Secure HTTP enabled Enter yes.