Releasing an SSL certificate passphrase

System Administrator Guide for VSP 5000 Series

Version
90-09-2x
Audience
anonymous
Part Number
MK-98RD9009-16

An SSL certificate cannot be uploaded to the SVP if the passphrase is set. If the passphrase is set, use the following procedure to release the passphrase for the SSL certificate before applying it to the SVP.

  • The private key (server.key file) must have been created.
  • OpenSSL must be installed. In this procedure, it is installed in C:\openssl.
  • All users must be logged out of Device Manager - Storage Navigator.
  1. On the SVP, open a command prompt with administrator permissions.
  2. Move the current directory to the folder containing the key file (for example, C:\key).
  3. Execute the following command.
    CAUTION:
    Executing this command will overwrite the current key file. To prevent loss of the key file, either back up the key file before executing the following command, or specify a different key file input destination and output destination when executing the following command.
    C:\key>C:\openssl\bin\openssl rsa -in key-file-input-destination -out key-file-output-destination
  4. When Enter pass phrase for server.key: is displayed, enter the passphrase.
    The passphrase in the SSL private key is released, and the SSL certificate can be applied to the SVP.

Example (when passphrase is set)

  • When the key type is RSA:

    C:\key>C:\openssl\bin\openssl rsa -in server.key -out server.key
    Enter pass phrase for server.key:
  • When the key type is ECDSA:

    C:\openssl\bin\openssl ec -in server.key -out server.key
    read EC key
    Enter PEM pass phrase:

Example (when passphrase is not set)

  • When the key type is RSA:

    C:\key>C:\openssl\bin\openssl rsa -in server.key -out server.key
    writing RSA key
  • When the key type is ECDSA:

    C:\openssl\bin\openssl ec -in server.key -out server.key
    read EC key
    writing EC key