Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
rb:brocade-commands [08/07/2019 12:21]
andrew [HOW-TO configure syslog servers in brocade switches]
rb:brocade-commands [08/07/2019 12:24] (current)
andrew [How-to Enable https on Brocade switches]
Line 326: Line 326:
   4. Disable secure protocols.   4. Disable secure protocols.
   ​   ​
 +  Continue (yes, y, no, n): [no] y
 +  Generating new rsa public/​private key pair
 +  Done.
 +  ​
 +  ​
 +Create a request (CSR)
  
 +  fcsw3-01:​admin>​ seccertutil gencsr -country GI -state GI -locality Gibraltar -org "IGT Interactive" ​
 +   ​-orgunit Interactive -cn fcsw4-01.company.com
 +  Generating CSR, file name is: 192.168.191.63.csr
 +  ​
 +Export it to CA server (or just copy the content of csr file to CA server)
 +  Option 1.
 +  seccertutil export [-ldapcacert [-certname <​certificate name>] | -fcapswcert | -fcapswcsr | -fcapcacert]
 +                     ​[-protocol <FTP | SCP>] [-ipaddr <IP address>​] [-remotedir <remote directiory>​]
 +                     ​[-login <login name>] [-password <​password>​]
 +
 +  Option 2.
 +  fcsw3-01:​admin>​ seccertutil showcsr
 +  ...
 +  Copy the content directly to a file in CA Authority ​
 +  ​
 +  ​
 +Sign CSR using CA
 +  [[how to sign a csr using CA]]
 +
 +Import the .pem key into the switch and enable https:
 +  fcsw3-01:​admin>​ seccertutil import -config swcert -enable https -protocol SCP -ipaddr 192.168.191.9 -remotedir /​root/​certs ​
 +  -certname fcsw3-01.company.com.pem -login root
 +  Password:
 +  Success: imported certificate [fcsw3-01.company.com.pem].
 +  Certificate file in configuration has been updated.
 +  Secure http has been enabled.
 +     
 +  ​

rb/brocade-commands.txt ยท Last modified: 08/07/2019 12:24 by andrew