Technical data

ManualsBrandsBrocade Communications Systems ManualsComputer equipmentEncryption Switch

121

122

123

124

125

126

127

128

129

130

110 Fabric OS Encryption Administrator’s Guide (DPM)

53-1002720-02

Viewing and editing switch encryption properties

• Key Vault User Name button: (TEKA key vault only.) Shown as inactive.

• Public Key Certificate Request text box: The switch’s KAC certificate signing request, which

must be signed by a certificate authority (CA). The signed certificate must then be

imported onto the switch and onto the primary and backup key vaults.

• Export button: Exports the public key certificate in CSR format to an external file for signing

by a certificate authority (CA).

• Import button: Imports a signed public key certificate.

• Encryption Engine Properties table: The properties for the encryption engine. There may

be 0 to 4 slots, one for each encryption engine in the switch.

• Current Status: The status of the encryption engine. Many possible values exist. Common

options are:

• Not Available (the engine is not initialized)

• Disabled

• Operational

• need master/link key

• Online

• Set State To: Identifies if the state is enabled or disabled. You can click the line item in the

table to change the value, then click OK to apply the change.

• Total Targets: The number of encrypted target devices.

• HA Cluster Peer: The name and location of the high-availability (HA) cluster peer (another

encryption engine in the same group), if in an HA configuration. If no peer is configured, No

Peer is displayed.

• HA Cluster Name: The name of the HA cluster (for example, Cluster1), if in an HA

configuration. HA Cluster names can have up to 31 characters. Letters, digits, and

underscores are allowed.

• Media Type: The media type of the encryption engine. Options are Disk and Tape, or

Disk/Tape when both are present.

• Re-Balance Recommended: Indicates if LUN rebalancing is recommended for an

encryption engine that is hosting both disk and tape LUNs. Options are Yes and No.

• System Card Status: The current status of system card information for the encryption

engine. Options are Enabled and Disabled.

Exporting the public key certificate signing request (CSR) from

properties

To export the CSR under Public Key Certificate Request, complete the following steps.

1. Click Export, then browse to the location where you want to save the certificate and click Save.

Alternatively, you may also copy the CSR and paste it to a file.

2. Submit the CSR to a certificate authority (CA) for signing. CA signing requirements and

procedures differ per key manager appliance.