Brocade Fabric OS Encryption Administrator's Guide Supporting Fabric OS v6.2.0 (53-1001201-04, May 2009)
Encryption Administrator’s Guide 33
53-1001201-04
Configure Encryption for RKM key vaults
2
Configure Encryption for RKM key vaults
This section describes how to create a new encryption group for the RKM key vault.
Obtaining RKM key vault public key certificates
Before creating a new encryption group, you need to export RKM public key certificates for the
primary key vault, and, if implemented, the secondary key vault, to a secure location. The path and
file name are a required parameter on the Create a New Encryption Group dialog box. You can use
FTP as in the following example, or other file transfer utilities.
-> C:\> ftp <host IP>
login
-> ftp> get <name>_kac_cert.pem
-> ftp> get <CA certificate>
-> ftp> bye
Creating a new encryption group with the RKM key vault
The following steps describe how to start and run the encryption setup wizard, and then create a
new encryption group.
NOTE
When a new encryption group is created, any existing tape pools in the switch are removed.
1. Select Configure > Encryption from the menu bar.
The Configure Encryption dialog box displays.
FIGURE 17 Configure Encryption - No Group Defined dialog box
2. Select a switch from the <NO GROUP DEFINED> encryption group. The switch must not be in
an encryption group already.
3. Click Setup.
The Configure Switch Encryption welcome panel displays.
4. Click Next.