Manualshelf

Brocade Secure Fabric OS Administrator's Guide (53-1000244-01, November 2006)

ManualsBrandsHP ManualsStorageHP StorageWorks 4/32B Full SAN Switch
21222324252627282930
2-8 Secure Fabric OS Administrator’s Guide
Publication Number: 53-1000244-01
2
Using the PKICert Utility to Obtain CSR
The PKICert utility makes it possible to retrieve certificate signing requests (CSRs) from all the
switches in the fabric and save them into a CSR file in XML format. PKICert also allows the user to
create license reports, and it provides online help. (CSRs and PKI digital certificates also are used in
Fabric OS v4.4.0, v5.0.1, v5.1.0, and v5.2.0 with SSL certificates. The utility to retrieve certificates, the
CSRs themselves, and the digital certificates for these two uses are different. See the Fabric OS
Administrator’s Guide for information on SSL.)
To obtain the CSR file for the fabric
1. On a PC, double-click pkicert.exe.
The PKICert utility prompts for the events log file name.
2. Type a file name for the events log and press Enter, or just press Enter to accept the default.
The log file is automatically created in the same directory as pkicert.exe.
The utility prompts for the desired function.
3. Type 1 to select CSR retrieval and press Enter.
The utility prompts for the method of specifying fabric addresses.
N
ote
If this procedure is interrupted by a switch reboot, the CSR file is not generated and the procedure must
be repeated. The examples in the guide are PC-specific.
The PKICert utility can be used only in nonsecure mode to generate or install certificates.
While performing the certificate request process using PKICert, the switch name should not contain
spaces. If the switch name contains spaces, the CSR is rejected by the Brocade web site.
In Fabric OS v4.4.x, v5.0.1, v5.1.0, and v5.2.0, PKIcert installs only one certificate on a single-domain
chassis. Previous Fabric OS versions install two certificates.
PKI CERTIFICATE INSTALLATION UTILITY pki_v1.0.6
All events and errors will be recorded in an event/error log file.
If the file already exists, new event/error information will be
appended to it.
Enter a log file name [or just press Enter to accept the default].
[pki_events.log] => pki_events_fabric1.log
PKI CERTIFICATE INSTALLATION UTILITY pki_v1.0.6
FUNCTIONS
1) Retrieve CSRs from switches & write a CSR file
2) Install Certificates contained in a Certificate file
3) Generate a Licensed-Product/Installed-Certificates report
4) Help using PKI-Cert to get & install certificates
q) Quit PKI Certificate installation utility
Enter choice> 1