Brocade Fabric OS Encryption Administrator's Guide Supporting Fabric OS v6.2.0 (53-1001201-04, May 2009)
46 Encryption Administrator’s Guide
53-1001201-04
Configure Encryption for LKM key vaults
2
FIGURE 29 Configuration Status dialog box
DCFM sends API commands to verify the switch configuration.
• Initialize the switch
If the switch is already in the initiated state, DCFM performs the
cryptocfg --initnode command.
• Create encryption group on the switch
DCFM creates a new group using the
cryptocfg --create -encgroup command, and sets
the key vault type using the
cryptocfg --set -keyvault command.
• Register key vault(s)
DCFM registers the key vault using the
cryptocfg --reg keyvault command.
• Enable the encryption engines
DCFM initializes an encryption switch using the
cryptocfg --initEE [<slotnumber>] and
cryptocfg --regEE [<slotnumber>] commands.
• Save the switch’s public key certificate to a file
DCFM saves the KAC certificate into the specified file.
12. Click Next.
The Read Instructions dialog box displays instructions for installing public key certificates for
the encryption switch. These instructions are specific to the key vault type. Copy or print these
instructions.