Brocade Fabric OS Command Reference Guide v6.1.0 (53-1000599-02, June 2008)

ManualsBrandsHP ManualsStorageHP StoreFabric 8/24 Bundled FC Switch/S-Buy

581

582

583

584

585

586

587

588

589

590

Table Of Contents

562 Fabric OS Command Reference

53-1000599-02

secCertUtil

To generate a CSR in non-interactive mode:

switch:admin> seccertutil gencsr -country US -state California -locality "San Jose" \

-org Brocade -orgunit software -cn 192.168.38.206

generating CSR, file name is: 192.168.38.206.csr

Done

To delete the CSR in interactive mode:

switch:admin> seccertutil delcsr

WARNING!!!

About to delete CSR: 192.168.163.238.csr

ARE YOU SURE (yes, y, no, n): [no] y

To delete a CSR in non-interactive mode:

switch:admin> seccertutil delcsr -nowarn

To import an LDAP certificate from a remote host to the local switch in interactive mode:

switch:admin> seccertutil import -ldapcacert

Select protocol [ftp or scp]: ftp

Enter IP address: 195.168.38.206

Enter remote directory: /users/home/remote_certs

Enter certificate name (must have ".crt", ".cer" or ".pem" suffix): ldap.cer

Enter Login Name: mylogin

Enter Password: password

Success: imported certificate [ldap.cert].

To import an LDAP certificate from a remote host to the local switch in non-interactive mode:

switch:admin> seccertutil import -ldapcacert -protocol ftp -ipaddr 195.168.38.206 \

-remotedir /users/home/remote_certs -certname ldap.cer -login abcd -passwd passwd

Success: imported certificate [ldap.cert].

To import a PKI-based certificate with configure and enable option in interactive mode:

switch:admin> seccertutil import -config swcert -enable https

Select protocol [ftp or scp]: ftp

Enter IP address: 192.168.38.206

Enter remote directory: /users/home/mycerts

Enter certificate name (must have ".crt", ".cer" or ".pem" suffix): filename

Enter Login Name: username

Enter Password: password

Success: imported certificate [filename].

Certificate file in configuration has been updated.

Secure http has been enabled.

To import a PKI-based certificate with configure and enable option in non-interactive mode:

switch:admin> seccertutil import -config swcert -enable https -protocol ftp \

-ipaddr 195.168.38.206 -remotedir /users/home/remote_certs -certname file.crt \

-login abcd -password passwd

Success: imported certificate [file.crt].

Certificate file in configuration has been updated.

Secure http has been enabled.

To export an LDAP CA certificate from the local switch to a remote host in interactive mode:

switch:admin> seccertutil export -ldapcacert

Select protocol [ftp or scp]: scp

Enter IP address: 192.168.38.206