Technical data
Fabric OS Encryption Administrator’s Guide (DPM) 287
53-1002720-02
Deregistering a DPM key vault
Each Brocade Encryption Switch is associated with an identity and a client on the DPM 3.2 server.
Before reregistering the DPM server on the Brocade Encryption Switch, make sure the previous
client entry is removed from the DPM server.
You can identify the client name of the Brocade Encryption Switch on the DPM Key Vault using the
cryptocfg --show -groupcfg command, which displays the Client Username. A sample output is
provided.
SecurityAdmin:switch> cryptocfg --show -groupcfg
Primary Key Vault:
IP address: 10.11.1.111 Certificate ID: RSA
Certificate label: dpm
State: Connected
Type: DPM
Secondary Key Vault not configured
Additional Key Vault/Cluster Information:
Key Vault/CA Certificate Validity: Yes
Port for Key Vault Connection: 443
Time of Day on Key Server: N/A
Server SDK Version: N/A
Encryption Node (Key Vault Client) Information:
Node KAC Certificate Validity: Yes
Time of Day on the Switch: N/A
Client SDK Version: RKM-Client 3.1 27-Jan-2012
Client Username: B10_00_00_05_1e_55_4d_a5
Client Usergroup: N/A
Connection Timeout: 3 seconds
Response Timeout: 25 seconds
Connection Idle Timeout: N/A
Once identified, delete the client with the corresponding name on the DPM Key Vault when the
DPM is deregistered on the Brocade Encryption Switch. Otherwise, reregistration of the DPM Key
Vault will result in key vault connectivity failure on the Brocade Encryption Switch. (Refer
to Figure 111.)
FIGURE 111 DPM Clients page
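The following is an added example, not part of the Brocade guide: a Python sketch that parses saved cryptocfg --show -groupcfg output and returns the Client Username whose entry must be deleted on the DPM server before reregistration. The function names are hypothetical, the sample text is copied (abridged) from the output above, and the handling of two fields on one line is a heuristic for that layout.

```python
# Sample text copied (abridged) from the output shown on this page.
SAMPLE = """\
SecurityAdmin:switch> cryptocfg --show -groupcfg
Primary Key Vault:
IP address: 10.11.1.111 Certificate ID: RSA
Certificate label: dpm
State: Connected
Type: DPM
Secondary Key Vault not configured
Additional Key Vault/Cluster Information:
Key Vault/CA Certificate Validity: Yes
Port for Key Vault Connection: 443
Encryption Node (Key Vault Client) Information:
Node KAC Certificate Validity: Yes
Client SDK Version: RKM-Client 3.1 27-Jan-2012
Client Username: B10_00_00_05_1e_55_4d_a5
"""

def parse_groupcfg(text):
    """Parse the command output into {section: {field: value}}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith(":"):                    # section header line
            current = sections.setdefault(line[:-1], {})
            continue
        if current is None or ": " not in line:   # prompt, blank or status line
            continue
        key, value = line.split(": ", 1)
        if ": " in value:                         # heuristic: two fields on one line
            value, rest = value.split(" ", 1)
            k2, _, v2 = rest.partition(": ")
            current[k2.strip()] = v2.strip()
        current[key.strip()] = value.strip()
    return sections

def dpm_client_to_delete(text):
    """Return the client name to remove on the DPM server, or None if the vault is not DPM."""
    cfg = parse_groupcfg(text)
    if cfg.get("Primary Key Vault", {}).get("Type") != "DPM":
        return None
    node = cfg.get("Encryption Node (Key Vault Client) Information", {})
    name = node.get("Client Username")
    if not name or name == "N/A":
        raise ValueError("Client Username not present in output")
    return name

if __name__ == "__main__":
    print(dpm_client_to_delete(SAMPLE))
```

Capture the output before deregistering the key vault, so the client name is on record when the stale entry is removed from the DPM Clients page.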