Brocade Fabric OS Encryption Administrator's Guide v6.3.0 (53-1001341-02, July 2009)
94 Encryption Administrator’s Guide
53-1001341-02
Encryption switch initialization
3
NOTE
When exporting a certificate to a location other than your home directory, you must specify a
fully qualified path that includes the target directory and file name. When exporting to USB
storage, certificates are stored by default in a predetermined directory, and you only need to
provide a file name for the certificate. An easy way to track exported certificates is by using the
base certificate name with the appropriate file extension (*.pem) and prefixing the name with
a character string that identifies the certificate’s originator, for example, the switch IP address
or host name.
Importing a certificate
1. Log into the switch to which you wish to import the certificate as Admin or SecurityAdmin.
2. Enter the cryptocfg
--import command with the appropriate parameters.
The following example imports a CP certificate named “enc_switch1_cp_cert.pem” that was
previously exported to the external host 192.168.38.245. Certificates are imported to a
predetermined directory on the node.
SecurityAdmin:swicth>cryptocfg --import -scp enc_switch1_cp_cert.pem \
192.168.38.245 mylogin /tmp/certs/enc_switch1_cp_cert.pem
Password:
Operation succeeded.
The following example imports a CP certificate named “enc_switch1_cp_cert.pem” that was
previously exported to USB storage.
SecurityAdmin:swicth>cryptocfg --import -usb enc_switch1_cp_cert.pem \
enc_switch1_cp_cert.pem
Operation succeeded.