Manualshelf

Fabric OS Encryption Administrator's Guide

ManualsBrandsHP ManualsStorageHP SN8000B 4-slot SAN Director Switch
41424344454647484950
Fabric OS Encryption Administrator’s Guide 25
53-1002159-03
Encryption node initialization and certificate generation
2
3. Enter the link IP address and mask, and the gateway IP address.
4. Click OK.
The Blade Processor Link dialog box can also be launched from the following locations:
- Select an encryption group from the Encryption Center Devices table, then select Group >
HA Clusters from the menu task bar, or right-click a group and select HA Clusters. The
Properties dialog box displays with the HA Clusters tab selected. Select a device from the
Non-HA Encryption Engines table, then click Configure Blade Processor Link.
- Select a group, switch, or engine from the Encryption Center Devices table, then select
Group/Switch/Engine > Targets from the menu task bar, or right-click a group, switch, or
engine and select Targets. Select a container from the Encryption Targets table, click
LUNs, then click Configure Blade Processor Link.
Encryption node initialization and certificate generation
When an encryption node is initialized, the following security parameters and certificates are
generated:
FIPS crypto officer
FIPS user
Node CP certificate
A signed Key Authentication Center (KAC) certificate
A KAC Certificate Signing Request (CSR)
From the standpoint of external SAN management application operations, the FIPS crypto officer,
FIPS user, and node CP certificates are transparent to users. The KAC certificates are required for
operations with key managers. In most cases, KAC certificate signing requests must be sent to a
Certificate Authority (CA) for signing to provide authentication before the certificate can be used. In
all cases, signed KACs must be present on each switch.
Encryption nodes are initialized by the Configure Switch Encryption wizard when you confirm a
configuration.
Encryption nodes may also be initialized from the Encryption Center dialog box.
1. Select a switch from the Encryption Center Devices table, then select Switch > Init Node from
the menu task bar, or right-click a switch and select Init Node.
A warning displays.