Brocade Communications Systems 53-1001778-01 specification

3 SMI Agent security

FIGURE 12 Importing client certificates

3.Enter information for the client certificate to be used for mutual authentication for clients.

a.Type the path of the client certificate in the Certificate File Name field, or click Select File to browse for the file.

b.Type the alias name of the certificate in the Alias Name field.

4.Enter information for the client certificate to be used for mutual authentication for indications.

5.Click Apply.

The changes take effect when you restart the server. Click Start Server to restart the server.

Exporting server certificates

If you enable mutual authentication for clients or mutual authentication for indications, you can export the corresponding SMI-A server certificate to a file so the client can add the certificate to its TrustStore. This certificate will be used for authentication if mutual authentication is enabled.

If mutual authentication is enabled and if you do not export the SMI Agent server certificate, then the client keystore, truststore, and server certificates will be used for authentication.

You must have Administrator privileges (Windows) or root/admin privileges (Linux, Solaris, and AIX) to export server certificates. This option is disabled if you do not have the appropriate privilege.

1.Launch the Brocade SMI Agent Configuration Tool.

2.Click Export in the menu tree (see Figure 13).

26	Brocade SMI Agent User’s Guide
	53-1001778-01

Image 42

Brocade Communications Systems 53-1001778-01 manual Exporting server certificates

Contents

Brocade SMI Agent Brocade Communications Systems, Incorporated Title Publication number Summary of changes Date Brocade SMI Agent User’s Guide Contents Chapter Brocade SMI Agent Configuration Chapter Mutual Authentication for Clients and Indications Index This chapter How this document is organized Supported hardware and software What’s new in this document Document conventionsText formatting Identifies command syntax examples Key terms Additional information Brocade resourcesOther industry resources Getting technical help FT00X0054E9 Brocade SMI Agent support Support@brocade.com Document feedback Overview Common Information Model CIM Brocade SMI-S Initiative Brocade SMI Agent Brocade SMI Agent Brocade SMI Agent User’s Guide Brocade SMI Agent Starting the SMI-A Starting the SMI-A as a service Stop the Brocade SMI AgentStopping the SMI-A Service Location Protocol SLP support Stopping the SMI-A as a service Slptool commands SLP on Linux, Solaris, and AIX Starting SLP on Linux, Solaris, and AIX Stopping SLP on Linux, Solaris, and AIX Installing SLP on Windows SLP on WindowsStarting SLP on Windows Disable Http for security reasons Connection monitoring Enable multi-homed support For example Brocade SMI Agent Configuration About the Brocade SMI Agent Configuration Tool Apply Launch the Brocade SMI-A Configuration Tool Launching the Brocade SMI Agent Configuration Tool Windows Proxy connections Reloading provider.xml on fabric segmentationAdding proxy connections Login failure status information Removing proxy connections Access control Access control Login failure status messages Mapping an SMI-A user to a switch user Setting up default SMI-A user mapping Limitations of SMI-A user-to-switch user mapping SMI Agent security Mutual authentication setup Configuring mutual authentication for clients Configuring mutual authentication for indications Configuring Http access Mutual authentication for indications Http access Importing client certificates Exporting server certificates SMI Agent security Configuring user authentication User authentication Encoding proxy connection details Encode proxy details SMI Agent service configuration and removal Configuring or removing the SMI Agent as a service Port configuration Configure Http and Https portsConfiguring the Http and Https ports Configure ARR and eventing ports Configuring the ARR and eventing ports Fabric Manager database server configuration Configure ARR and eventing ports Firmware download software locations configuration Configuring software locations for firmware download File Path Debugging and logging options configuration Configuring debugging options for CimomDebugging options for Cimom Configure debugging options for Cimom Debugging options for the provider Configuring debugging options for the provider Dynamic Update Configuring logging options for provider Logging options for the provider Configure logging options Log file examples Capture provider cache information Capturing information from the provider cache Support information collection Collect support information XML dump Collecting support informationRunning an XML dump Cimom server configuration Configuring the Cimom server Configuring log file options Uncomment the following lines Mutual authentication for clients Introduction Enabling mutual authentication for clients Mutual authentication for indicationsClient configuration to use client certificates Enabling mutual authentication for indications Client.ind.truststore Clientind.cer Java -classpath SMIAgent/agent/wbem.jar Troubleshooting Xmlerror Xmlerror Frequently Asked Questions General questions How do I collect diagnostic data from the Brocade SMI Agent? Does the SMI Agent have support for Https communication? On Linux Type the following command Open source software used in SMI-A Appendix Sun Industry Standards Source License Source Code License Distribution Obligations Inability to Comply DUE to Statute or Regulation Termination IBM Common Public License Grant of Rights Commercial Distribution OpenSLP License Bouncy Castle GNU Library General Public License Public Domain Sun Binary Code License Agreement Brocade SMI Agent User’s Guide Supplemental License Terms Brocade SMI Agent User’s Guide Brocade SMI Agent User’s Guide 53-1001778-01 Sun Binary Code License Agreement Index Brocade SMI Agent User’s Guide