Support User Manuals

Brocade Communications Systems 12.4.00a Home Theater Server User Manual

Open as PDF

of 226

ServerIron ADX Security Guide 149

53-1002440-03

Configuring SSL on a ServerIron ADX

6

Windows Users

GUI-based SCP tools do not work in the current environment when you use SCP to transfer the

certificate files to the ServerIronADX. Windows users should have PSCP, a free SCP utility based on

putty SSH client. To access this Windows utility, use the following commands:

C:\images>pscp first.cer admin@200.100.100.2:sslcert:bs:pem

C:\images>pscp second.cer admin@200.100.100.2:sslcert:bs:pem

To upload a key-pair to a ServerIron ADX:

Syntax: pscp <key-pair-file-name>

<user>@<SI_IP_Addr>:sslkeypair:<filename-on-SI>:<password>:<format>

To download a key-pair from a ServerIron ADX:

Syntax: pscp <user>@<SI_IP_Addr>:sslkeypair:<filename_on_SI>:<password>:<format>

<key-pair-file-name>

To upload a certificate file to a ServerIron ADX:

Syntax: pscp <cert-file-name> <user>@<SI_IP_Addr>:sslcert:<filename-on-SI>:<format>

To download a certificate file from the ServerIron ADX:

Syntax: pscp <user>@<SI_IP_Addr>:sslcert:<filename-on-SI>:<format> <cert-file-name>

Example:

The following example uploads a certificate file named: "first.cert" to a ServerIron ADX and saves it

with the name "bs" in pem format:

C:\images>pscp first.cer admin@200.100.100.2:sslcert:bs:pem

Transferring a Keypair File and a Certificate File

For a ServerIron ADX to recognize the incoming file type, the filename must be in a specific format.

With the correct format, you can describe the file type, file name, password, and format.

The name is divided into fields, which are separated by colons (:). The following fields are used:

• File type - Determines whether the file contains a key pair or a certificate. The sslcert keyword

is used for a certificate. The sslkeypair keyword is used for a key pair.

• File name - The file name on the ServerIron ADX flash. The name cannot be more than 25

characters for the key pair file and 32 characters for the certificate file.

• Password - Only required for a keypair file password. It is not used in certificate files. The

password cannot be more than 64 characters.

• Format - Describes the format of the file. It can either be pem or pkcs12.

Based on these rules, use the following syntax to upload a file to ServerIronADX:

Syntax: scp <source-file> <username> @<SI_IP_Addr>:<filetype>:<filename>:<password>:

<format>

NOTE: You do not need the password field for PEM format certificate files.

NOTE

For example, if a keypair file, "myrsakeys" needs to be uploaded to ServerIron ADX, its password is

"brocade," and it is in PEM format. The SCP server is already enabled on the ServerIron ADX and a

user "admin" is also created.

To configure this scenario, use the following command:

previous next