SANtricity 11 Manuals (CA08872-010)

to Japanese version

How do I know what certificates need to be uploaded to SANtricity System Manager for external key management?

For external key management, you import two types of certificates for authentication between the storage system and the key management server so the two entities can trust each other.

A client certificate validates the storage system’s controllers, so the key management server can trust their Key Management Interoperability Protocol (KMIP) requests. To obtain a client certificate, you use SANtricity System Manager to complete a CSR for the storage system. You can then upload the CSR to a key management server and generate a client certificate from there. Once you have a client certificate, copy that file to the host where you are accessing SANtricity System Manager.

A key management server certificate validates the key management server, so the storage system can trust its IP address. Retrieve the server certificate file from the key management server, and then copy that file to the host where you are accessing SANtricity System Manager.

Top of Page