Chapter 11 System Management
11.2 Functions in the Action Area for System
ETERNUS Web GUI User’s Guide
Copyright 2013 FUJITSU LIMITED P2X0-1090-10ENZ0
833
(3)Setup key management device name
Set the name (Key Management Machine Name) for the device that communicates with the key server.
Refer to "11.2.6.2 Setup Key Management Machine Name" (page 835)
.
(4)Add key server
Register the IP address or the domain name of the key server that manages the key. Up to two key
servers can be registered in the ETERNUS DX Disk storage system.
Refer to "11.2.6.3 Add Key Server" (page 836)
.
(5)Create key group
Create a key group. The key group combines all of the RAID groups that use the same key. Only one key
group can be created in the ETERNUS DX disk storage system.
Refer to "11.2.6.6 Create Key Group" (page 841)
.
(6)Import SSL/KMIP certificate
Register the SSL/KMIP certificate that is exported from the key server in the ETERNUS DX Disk storage
system.
Refer to "11.2.6.10 Import SSL/KMIP Certificate" (page 851)
.
(7)Update SED authentication key
Obtain the key that is to be registered in the key group from the key server.
Refer to "11.2.6.9 Update SED Authentication Key" (page 849)
.
Select a network port (MNT or RMT) that is specified in the [Setup Network Environment] function for
the LAN port that is used to communicate with the key server.
For details on how to export the SSL/KMIP certificate, refer to the manuals of the key management
software "ETERNUS SF KM".
When the [Update SED Authentication Key] function is performed at the first time, the process ends
with an error. Use the [Update SED Authentication Key] function until the key is successfully obtained.
When the key is successfully obtained, the key server status becomes "Normal". Up to three key updat-
ing processes may need to be performed. The [Update SED Authentication Key] ends with an error
until the key is obtained.
• When the key updating function is used for the first time, the ETERNUS DX Disk storage system
sends the SSL certificate to the key server. The key server waits for the SSL certificate to be regis-
tered. Register the SSL certificate in the key server.
• When the key updating function is used for the second time, the key server waits for the ETERNUS
DX Disk storage system to be accessed.
• When the key updating function is used for the third time, the ETERNUS DX Disk storage system
can obtain the key from the key server.
The key server status can be checked on the [Key Group] screen. Refer to "11.1.5.1 Key Group" (page
723) for details.