Manualshelf

Fabric OS Encryption Administrator's Guide

ManualsBrandsHP ManualsStorageHP SN8000B 4-slot SAN Director Switch
51525354555657585960
Fabric OS Encryption Administrator’s Guide 33
53-1002159-03
Steps for connecting to an SKM or ESKM appliance
2
To create a cluster, perform the following steps on one of the HP SKM/ESKM appliances that is to
be a member of the cluster.
1. From the SKM/ESKM management console, click the Device tab.
2. In the Device Configuration menu, click Cluster.
The Create Cluster section displays.
3. Select and note the Local IP address. You will need this address when you add an appliance to
the cluster.
4. For Local Port, use the default value of 9001 unless you are explicitly directed to use a
different value for your site.
5. Type the cluster password in the Create Cluster section of the main window to create the new
cluster.
6. Click Create.
7. In t h e Cluster Settings section of the window, click Download Cluster Key and save the key to a
convenient location, such as your computer's desktop. The cluster key is a text file and is only
required temporarily. It may be deleted from your computer's desktop after all SKM/ESKM
appliances have been added to the cluster.
Copying the local CA certificate for a clustered SKM or ESKM appliance
Before adding an SKM/ESKM appliance to a cluster, you must obtain the local CA certificate from
the original SKM/ESKM or from an SKM/ESKM that is already in the cluster.
1. Select the Security tab.
2. Select Local CAs under Certificates & CAs.
3. Select the name of the local CA from the Local Certificate Authority list.
The CA Certificate Information is displayed.
4. Copy the certificate request, beginning with
---BEGIN CERTIFICATE REQUEST--- and ending
with
---END CERTIFICATE REQUEST---. Be careful not to include any extra characters.
Adding SKM or ESKM appliances to the cluster
If you are adding an appliance to an existing cluster, select the Cluster Settings section of the
window, click Download Cluster Key and save the key to a convenient location, such as your
computer's desktop.
To add SKM/ESKM appliances to the cluster you are creating, you will need the original cluster
member’s local IP address and port number, and the location of the cluster key you downloaded,
as specified in “Creating an SKM or ESKM High Availability cluster” on page 32.
Perform the following steps on each SKM/ESKM appliance you want to add to the cluster.
1. Open a new browser window, keeping the browser window from Copying the Local CA
certificate open.
2. In the new browser window, log into the management console of the SKM/ESKM appliance
that is being added to the cluster, then click the Security tab.
3. In the Certificates & CAs menu, click Known CAs.