Uploading the certificate for “Connect to SVP” to the SVP

System Administrator Guide for VSP E990 and VSP G130, G/F350, G/F370, G/F700, G/F900

Version
88-08-0x
Audience
anonymous
Part Number
MK-97HM85028-11

Before using a certificate for SSL communications between the SVP and the storage system, you need to upload the signed public key certificate to the SVP.
The extended profile fields in the X.509 certificate support the following items as specified in RFC5280:
  • BasicConstraints
  • KeyUsage
  • SubjectKeyIdentifier
  • The private key for the storage system and the signed public key certificate must be updated in the maintenance utility.
  • The signed public key certificate (server.crt file) must be in X509 PEM format.
  • If an intermediate certificate exists, you must prepare a signed public key certificate (server.crt file) in a certificate chain that contains the intermediate certificate.
  • The number of tiers of the certificate chain for the certificate to be uploaded must be 5 tiers or less including the root CA certificate.
  • The following GUM firmware version is required to update a certificate file to a certificate file in a certificate chain that contains the intermediate certificate and CA certificate:
    • 93-02-01-xx/xx or later
    • 88-06-01-xx/xx or later
  • The public key encryption method for the certificate to be uploaded must be RSA.
  • All users must be logged out of Device Manager - Storage Navigator.
  1. On the SVP, start a Windows command prompt as Administrator.
  2. Move the current directory to the directory containing the tool MappL7SwitchGumSslCrtUpdate.bat.
  3. Run the following commands:
    cd /d C:\Mapp\wk\Supervisor\MappIniSet
    MappL7SwitchGumSslCrtUpdate.bat absolute-path-of-the-certificate-file

    In this command, C:\MAPP indicates the installation directory of the storage management software and SVP software. If the installation directory is not C:\Mapp, replace C:\Mapp with your installation directory.

  4. When prompted, press any key to continue.
  5. When the processing is complete, you can close the command prompt.