Import SSL/KMIP Certificate

Overview

This function registers the SSL/KMIP certificate in the storage system. The SSL/KMIP certificate is used for communication with the key server.

When performing management of the SED authentication key (hereinafter referred to as "key") in the key server, communication between the key server and the storage system is required. To establish communication, register the "SSL/KMIP Certificate" (a trusted certificate of the key server) in the storage system.

Note
  • Export the SSL/KMIP certificate from the key server and register this certificate in the storage system.

  • To establish communication between the key server and the storage system, the SSL certificate of the storage system is also required. Refer to the [Create Self-signed SSL Certificate] function or the [Create Key/CSR] function for details.

  • The SSL/KMIP certificate can be registered even when the key server is not specified.

  • The SSL/KMIP certificate can be registered even when the key group is not created.

User Privileges

Availability of Executions in the Default Role

Default role Availability of executions
Monitor  
Admin
StorageAdmin  
AccountAdmin  
SecurityAdmin
Maintainer  

Refer to "User Roles and Policies" for details on the policies and roles.

Settings

SSL/KMIP Certificate Setting

Item Description Setting values

SSL/KMIP Certificate File

Click the [Browse...] button to specify the SSL/KMIP certificate file.

SSL/KMIP certificate file

Operating Procedures

  1. Click [Import SSL/KMIP Certificate] in [Action].

  2. Click the [Browse...] button to specify the path to the "SSL/KMIP Certificate File".

  3. Click the [Import] button.

    → A confirmation screen appears.

    Caution
    • An error screen appears in the following conditions:
      • Reading of the "SSL/KMIP Certificate" failed

      • The "SSL/KMIP Certificate" file is larger than 4096 bytes

  4. Click the [OK] button.

    → Importing of the SSL/KMIP certificate starts.

    Caution
    • When the imported file was not the "SSL/KMIP Certificate File", an error screen appears.

  5. Click the [Done] button to return to the [Key Group] screen.