Administrator's Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments (Supporting Fabric OS v7.1.0) User guide
Fabric OS Encryption Administrator’s Guide (KMIP) 43
53-1002747-02
Steps for connecting to a KMIP appliance (SafeNet KeySecure)
2
FIGURE 31 Certificate and CA Configuration page - Sign Certificate Request
9. Select the local CA from the Sign with Certificate Authority drop-down list. The example is using
“SafeNetCA”.
10. Select Client as Certificate Purpose.
11. Set Certificate Duration. (Default is 3649 days.)
12. Paste the file contents that you copied in step 3 in the Certificate Request area.
13. Click Sign Request.
14. Download the signed certificate to your local system as signed_kac_kmip_cert.pem.
This file is ready to be imported to the encryption switch or blade.
Importing a signed KAC certificate into a switch
After a KAC CSR has been submitted and signed by a CA, the signed certificate must be imported
into the switch.
NOTE
This operation can be performed only after the switch is added to the encryption group.
1. Select Configure > Encryption from the menu task bar to display the Encryption Center
dialog box (Refer to Figure 6 on page 14).
2. Select a switch from the Encryption Center Devices table, then select Switch > Import
Certificate from the menu task bar.
The Import Signed Certificate dialog box displays (Figure 32).