HP StorageWorks Fabric OS 6.1.1 administrator guide (5697-0235, December 2009)

ManualsBrandsHP ManualsStorageHP StorageWorks 4/32B SAN Switch

100

Fabric OS 6.1.1 administrator guide 97

6. Copy and paste this section (including the BEGIN and END lines) into the area provided in the request

form; then, follow the instructions to complete and send the request.

It may take several days to receive the certificates. If the certificates arrive by e-mail, save them to an FTP

server. If the CA provides access to the certificates on an FTP server, make note of the path name and make

sure you have a login name and password on the server.

Installing a switch certificate

Perform this procedure on each switch.

1. Connect to the switch and log in as admin.

2. Issue the following command:

switch:admin> seccertutil import

3. Select a protocol, enter the IP address of the host on which the switch certificate is saved, and enter

your login name and password:

Select protocol [ftp or scp]: ftp

Enter IP address: 192.10.11.12

Enter remote directory: path_to_remote_directory

Enter certificate name (must have ".crt" suffix):192.1.2.3.crt

Enter Login Name: your_account

Enter Password: *****

Success: imported certificate [192.1.2.3.crt].

To use this certificate, run the configure command to activate it. The certificate is downloaded to the

switch.

Activating a switch certificate

1. Issue the configure command

2. When the ssl attributes comes up, enter y

3. Respond to the prompts that apply to SSL certificates:

For example:

Configure...

System services (yes, y, no, n): [no]

ssl attributes (yes, y, no, n): [no] yes

Certificate File. (filename or none): [10.33.13.182.crt] 192.1.2.3.crt

CA Certificate File. (filename or none): [none]

Select length of crypto key.

(Valid values are 40, 56, and 128.): (40..128) [128]

http attributes (yes, y, no, n): [no] yes

HTTP Enabled (yes, y, no, n): [yes] no

Secure HTTP Enabled (yes, y, no, n): [no] yes

After you exit the configure command, the HTTP daemon restarts automatically to handle HTTPS

requests.

SSL attributes

Enter y or yes.

Certificate File

Enter the name of the switch certificate file: for example,

192.1.2.3.crt.

CA Certificate File

If you want the CA name to be displayed in the browser

window, enter the name of the CA certificate file; otherwise, skip

this prompt.

Select length of

crypto key

Enter the encryption key length (40, 56, or 128).

HTTP attributes

Enter yes.

Secure HTTP enabled

Enter yes.