Manualshelf

Brocade Fabric OS Encryption Administrator's Guide v6.3.0 (53-1001341-02, July 2009)

ManualsBrandsHP ManualsStorageHP Encryption SAN Switch
241242243244245246247248249250
226 Encryption Administrator’s Guide
53-1001341-02
The HP Secure Key Manager
D
Creating an SKM Key vault High Availability cluster
The HP SKM key vault supports clustering of HP SKM appliances for high availability. If two SKM
key vaults are configured, they must be clustered. If only a single LKM key vault is configured, it
may be clustered for backup purposes, but it will not be directly used by the switch.
To create a cluster, perform the following steps on one of the HP SKM appliances that is to be a
member of the cluster
1. Select the Device tab on the SKM key manager.
2. Select Cluster under Device Configuration.
The Cluster Configuration page is displayed.
3. Type the cluster password under Create Cluster.
The default value for Local Port is 9001. This is the recommended value, and should not be
changed unless your IT department requires a different value.
4. Select Create.
5. Select Download Cluster Key under Cluster Settings.
6. Copy the cluster key and save it in a convenient location. This key is needed for Adding an HP
SKM appliance to a cluster. You will be able to browse to the location as part of that
procedure.
NOTE
Record the local IP address and cluster password for use in Adding an HP SKM appliance to a
cluster”.
Copying the local CA certificate
1. Select the Security tab.
2. Select Local CAs under Certificates & CAs.
3. Select the name of the local CA from the Local Certificate Authority list.
The CA Certificate Information is displayed.
4. Copy the key contents, beginning with
---BEGIN CERTIFICATE REQUEST--- and ending with
---END CERTIFICATE REQUEST---
. Be careful not to include any extra characters.
This certificate data will be transferred to other HP SKM appliances in “Adding an HP SKM
appliance to a cluster”.
Keep this browser window open while going on to Adding an HP SKM appliance to a cluster”.
Adding an HP SKM appliance to a cluster
1. Open a new browser window, while keeping the browser window from“Copying the local CA
certificate” open.
2. Log in to the HP SKM Key Manager console of the HP SKM appliance that is being added.
3. Select the Security tab.