Manualshelf

Brocade Fabric OS Encryption Administrator's Guide Supporting Fabric OS v6.2.0 (53-1001201-04, May 2009)

ManualsBrandsHP ManualsStorageHP Encryption SAN Switch
61626364656667686970
Encryption Administrator’s Guide 43
53-1001201-04
Configure Encryption for LKM key vaults
2
Obtaining the key vault certificate
1. Select Utilities > Command Line from the DataFort Management Console.
The Command Line dialog box displays.
2. Enter the following command in the Command text box:
sys cert getcert -v2
3. Click Execute.
The certificate content displays in the certificate text box.
4. Copy and paste the certificate content and save into a file. You will need this file when you
create a new encryption group (step 7 of “Creating a new encryption group with LKM”).
Creating a new encryption group with LKM
The following steps describe how to start and run the encryption setup wizard, and then create a
new encryption group with the Netapp Lifetime Key Manager (LKM).
NOTE
When a new encryption group is created, any existing tape pools in the switch are removed.
1. Select Configure > Encryption from the menu bar.
The Configure Encryption dialog box displays.
2. Select a switch from the <NO GROUP DEFINED> encryption group. The switch must not be in
an encryption group already.
3. Click Setup.
The Configure Switch Encryption welcome panel displays.
4. Click Next.
Create a new encryption group containing just this switch is pre-selected. This is the correct
selection for creating a new group. If you are running the wizard to add a switch to an existing
group, follow the steps in Adding a switch to an encryption group” on page 57.
5. Click Next.
The Create a New Encryption Group dialog box displays.
6. Enter an Encryption Group Name for the encryption group (the maximum length of the group
name is 15 characters; letters, digits, and underscores are allowed) and select the Automatic
failback mode.
NOTE
If the name you enter for the encryption group already exists, a pop-up warning message
displays. Although unique group names avoid confusion while managing multiple groups, you
are not prevented from using duplicate group names. Click Yes to use the same name for the
new encryption group, or click No to enter a new, unique name.
7. Cli ck Next.
The Select Key Vault dialog box displays.