Uploading the web server certificate to the SVP

System Administrator Guide for Virtual Storage Platform E Series

Version
93-07-0x
Audience
anonymous
Part Number
MK-97HM85028-18

Execute the SSL communication with Device Manager - Storage Navigator installed on the SVP as a client and with the controller of the storage system as a server. Upload the private key and the signed server certificate (public key) to the SVP for using the SSL communication.
The extended profile fields in the X.509 certificate support the following items as specified in RFC5280:
  • BasicConstraints
  • KeyUsage
  • SubjectKeyIdentifier

Use the following procedure to upload the certificate using the certificate update tool.

  • The private key for the web server and the signed public key certificate must be updated in the maintenance utility.
  • The private key (server.key file) and signed public key certificate (server.crt file) must be in X509 PEM format or X509 DER format.
  • If an intermediate certificate exists, you must prepare a signed public key certificate (server.crt file) in a certificate chain that contains the intermediate certificate.
  • The number of tiers of the certificate chain for the certificate to be uploaded must be 5 tiers or less including the root CA certificate.
  • The GUM firmware version 93-02-01 or later is required to update a certificate file to a certificate file in a certificate chain that contains the intermediate certificate and root CA certificate.
  • The public key encryption method for the certificate to be uploaded must be RSA.
  • All users must be logged out of Device Manager - Storage Navigator.
  1. On the SVP, start a Windows command prompt as Administrator.
  2. Move the current directory to the directory containing the certificate update tool (MappSn2GumSslCrtUpdate.bat).
  3. Run the following command:
    C:\MAPP\wk\Supervisor\MappIniSet\ 
    MappSn2GumSslCrtUpdate.bat r[absolute path of the certificate file]
    Note: In this command, C:\MAPP indicates the installation directory of the storage management software and SVP software. If the installation directory is not C:\Mapp, replace C:\Mapp with your installation directory.
  4. When prompted, press any key to continue.
  5. When the processing is complete, you can close the command prompt.
Verify that the uploaded certificate is valid by checking that the Maintenance Utility window opens. For details and instructions, see Checking the web server certificate uploaded to the SVP.