To use SSL-encrypted communication, you must upload the private key and the signed server certificate (public key) to the management client.
CAUTION:
When DKCMAIN firmware version 88-03-24 or earlier is updated, the existing SSL certificate file is deleted and replaced with the default certificate file. Therefore, back up the SSL certificate file before DKCMAIN firmware version 88-03-24 or earlier is updated, and then install the backed-up certificate file.
When DKCMAIN firmware version 88-03-25-x0/00 or later is updated, the existing certificate file is inherited.
- You must have the Storage Administrator (Initial Configuration) role to perform this task.
- You must be logged in to the SVP or management client.
- A private key (.key file) has been created. Make sure that the file name is server.key.
- A signed public key certificate (.crt file) has been acquired. Make sure that the file name is server.crt.
- The private key (.key file) must be in PEM format. You cannot use DER format.
- The signed public key certificate (.crt file) must be in X509 PEM format. You cannot use X509 DER format.
- The passphrase for the private key (server.key file) must be released.
- If an intermediate certificate exists, you must prepare a signed public key certificate (server.crt file) in a certificate chain that contains the intermediate certificate.
- The number of tiers of the certificate chain for the certificate to be uploaded must be 5 tiers or less including the root CA certificate.
- The public key of the certificate to be uploaded must be RSA.
-
In the maintenance utility
Menu navigation tree, click
System Management.
-
Click
Update Certificate Files.
Note: For storage systems without an SVP, unselect the Connect to SVP box.