Brocade Network Advisor SAN User Manual v12.0.0 (53-1002696-01, April 2013)
Brocade Network Advisor SAN User Manual 555
53-1002696-01
Steps for connecting to an ESKM/SKM appliance
20
6. Enable an SSL connection. Refer to “Enabling SSL on the Key Management System (KMS)
Server” on page 560.
7. Configure a cluster of ESKM/SKM appliances for high availability. Refer to:
• “Creating an ESKM/SKM High Availability cluster” on page 560.
• “Copying the local CA certificate for a clustered ESKM/SKM appliance” on page 561
• “Adding ESKM/SKM appliances to the cluster” on page 561
8. Export and sign the encryption node certificate signing requests. Refer to “Signing the
encryption node KAC CSR on ESKM/SKM” on page 562.
9. Import the signed certificates into the encryption node. Refer to “Importing a signed KAC
certificate into a switch” on page 563.
Configuring a Brocade group on ESKM/SKM
A Brocade group is configured on ESKM/SKM for all keys created by encryption switches and
blades. This needs to be done only once for each key vault.
1. Log in to the ESKM/SKM management web console using the admin password.
2. Select the Security tab.
3. Select Local Users & Groups under Users and Groups.
4. Select Add under Local Users.
5. Create a Brocade user name and password.
6. Select the User Administration Permission and Change Password Permission check boxes,
then click Save.
7. Sel ec t Add under Local Groups.
8. Add a Brocade group under Group, then click Save.
9. Select the new Brocade group name, then select Properties.
Local Group Properties and a User List are displayed.
10. In the User List section, select or type the Brocade user name under Username, then click
Save.
The Brocade user name and password are now configured on ESKM/SKM.
NOTE
Fabric OS 6.2.0 uses brcduser1 as a standard user name when creating a Brocade group on
ESKM/SKM. If you downgrade to version 6.2.0, the user name is overwritten to brcduser1, and the
Brocade group user name must be changed to brcduser1.