En el post Seguridad en una SAN Brocade II – Administración con protocolos inseguros se vió como denegar el acceso a los switches Brocade a través del interfaz de administración por protocolos no seguros, TELNET y HTTP. A continuación veremos como activar el protocolo HTTPS para acceder a la herramienta WEB TOOLS. El procedimiento se compone de una miscelanea de fuentes ya que el descrito en el Admin Guide del Fabric OS no es exacto. Se describe a continuación como se ha generado para el core de una fabric y de forma análoga se debe de realizar en el resto de switches:
1.- Hacer login con usuario con privilegios de administrador por SSH al switch al que se habilitará HTTPS y ejecutar la siguiente secuencia de comandos:
core1:angel> seccertutil genkey
Generating a new key pair will automatically do the following:
1. Delete all existing CSRs.
2. Delete all existing certificates.
3. Reset the certificate filename to none.
4. Disable secure protocols.Continue (yes, y, no, n): [no] yes
Select key size [1024 or 2048]: 1024
Generating new rsa public/private key pair
Done.core1:angel> seccertutil gencsr
Country Name (2 letter code, eg, US):ES
State or Province Name (full name, eg, California):Sevilla
Locality Name (eg, city name):Sevilla
Organization Name (eg, company name):AA
Organizational Unit Name (eg, department name):LABS
Common Name (Fully qualified Domain Name, or IP address):core1
Generating CSR, file name is: 192.168.100.1.csr
Done.core1:angel> seccertutil export
Select protocol [ftp or scp]: ftp
Enter IP address: 192.168.200.1
Enter remote directory: /home/angel/certs/
Enter Login Name: angel
Enter Password:
Success: exported CSR.
2.- Copiar el fichero CSR a un servidor que contenga las utilidades openssl y el par de clave/certificado de la Agencia Certificadora "cacert.pem y cakey.pem". El siguiente comando generará a partir del fichero CSR un certificado que importaremos desde el switch para activar el sevicio HTTPS:
angel@miequipo ~/pendiente/certificados $ openssl x509 -req -days 3650 -in 192.168.100.1.csr -CA cacert.pem -CAkey cakey.pem -set_serial 01 -out 192.168.100.1.pem
Signature ok
subject=/C=ES/ST=Sevilla/L=Sevilla/O=AA/OU=LABS/CN=core1
Getting CA Private Key
Enter pass phrase for cakey.pem:
En este caso se ha asignado un serial para cada switch (-set_serial) de la siguiente forma:
core1 –> 01
core2 –> 02
edge4 –> 03
edge2 –> 04
edge8 –> 05
edge6 –> 06
edge3 –> 07
edge1 –> 08
edge7 –> 09
edge5 –>10
3.- El certificado creado importarlo en el switch
core1:angel> seccertutil import -config swcert -enable https
Select protocol [ftp or scp]: ftp
Enter IP address: 192.168.200.1
Enter remote directory: /home/angel/certs/
Enter certificate name (must have ".crt" or ".cer" ".pem" or ".psk" suffix):192.168.100.1.pem
Enter Login Name: angel
Enter Password:
Success: imported certificate [192.168.100.1.pem].
Certificate file in configuration has been updated.
Secure http has been enabled.
De esta forma ya está el servicio HTTPS levantado.
Thanks for finally talking about > Seguridad
en una SAN Brocade III – Activar administración por HTTPS | Almacenamiento Abierto pokerpulsa888.xyz
Unquestionably believe that that you said. Your favorite reason appeared
to be at the net the simplest thing to take note of.
I say to you, I definitely get annoyed whilst folks consider
issues that they plainly don’t know about.
You controlled to hit the nail upon the highest as neatly as outlined out the
whole thing with no need side effect , people can take a signal.
Will probably be again to get more. Thanks
It’s not my first time to go to see this site, i am visiting this web page
dailly and obtain good information from here daily.
I constantly emailed this weblog post page to all my contacts, because if like to read it after that my
friends will too.
my web blog; poker online via pulsa
Very nice post. I simply stumbled upon your blog and wished to mention that I have truly enjoyed browsing
your blog posts. In any case I’ll be subscribing on your rss feed and I’m
hoping you write once more soon!
Hi there! This article couldn’t be written much better! Reading through this post reminds me of my previous roommate!
He continually kept preaching about this. I will send this article to him.
Fairly certain he will have a very good read. Thank you
for sharing!
Awesome post.
My spouse and I absolutely love your blog and find a lot of
your post’s to be precisely what I’m looking for.
can you offer guest writers to write content for you?
I wouldn’t mind producing a post or elaborating on many
of the subjects you write with regards to here. Again, awesome site!
Hi! Do you know if they make any plugins to help with Search Engine Optimization? I’m
trying to get my blog to rank for some targeted keywords but I’m not
seeing very good results. If you know of any please share.
Kudos!
My webpage :: poker deposit via pulsa
May I simply just say what a comfort to uncover someone that actually
understands what they are talking about over the internet.
You actually realize how to bring an issue to light and make it
important. A lot more people really need to read this and understand this side of
the story. I was surprised that you aren’t more popular given that you definitely possess the gift.
My brother recommended I might like this blog.
He was totally right. This post actually made my
day. You can not imagine just how much time I had spent for this information! Thanks!
Stop by my web-site – https://newbola.com
Greetings from Florida! I’m bored at work so I decided to check out
your site on my iphone during lunch break. I enjoy the
info you present here and can’t wait to take a look when I
get home. I’m surprised at how fast your blog loaded on my phone ..
I’m not even using WIFI, just 3G .. Anyways,
very good site!
Also visit my page; slotpulsa365.xyz
Hi, i feel that i noticed you visited my weblog thus i came to return the
favor?.I’m attempting to find things to enhance my website!I suppose its good enough to
use some of your concepts!!
I was recommended this web site by my cousin. I am not sure whether
this post is written by him as nobody else know such detailed about my
problem. You are incredible! Thanks!
Vaⅼuable informаtion. Fortunate me I discovered your site ƅy chance,
and I am ѕhоcked why this accident did not came about earlier!
I bookmarked it.
Heеre is my blig post; link alternatif Goltogel
Whats up very nice website!! Guy .. Beautiful ..
Superb .. I will bookmark your web site and take
the feeds also? I’m glad to find a lot of helpful
info right here in the publish, we need work out more
techniques on this regard, thanks for sharing. . . .
. .
Heya this is kind of of off topic but I was wanting to know if blogs use WYSIWYG
editors or if you have to manually code with HTML.
I’m starting a blog soon but have no coding skills so I wanted to get
advice from someone with experience. Any help would be enormously appreciated!
I seriously love your site.. Excellent colors
& theme. Did you create this web site yourself? Please reply back as I’m wanting to
create my own personal website and would like to know where
you got this from or just what the theme is called. Many thanks!
I love reading through an article that can make people think.
Also, thanks for allowing me to comment!
For latest information you have to visit the
web and on web I found this website as a best website for hottest
updates.
Thanks to my father who stated to me on the topic of this website,
this blog is really awesome.
Hello to every body, it’s my first pay a quick visit of this
web site; this weblog contains remarkable and genuinely good information in favor of visitors.
Hello excellent blog! Does running a blog similar to this require a
lot of work? I’ve virtually no understanding of computer programming
but I had been hoping to start my own blog in the near future.
Anyway, if you have any ideas or techniques for new blog owners please share.
I understand this is off topic however I just needed to ask.
Thank you!
Nice blog here! Also your site a lot up fast! What host are you the usage of?
Can I am getting your associate hyperlink to your host?
I wish my web site loaded up as fast as yours lol
Hi there! This is kind of off topic but I need some help from an established blog.
Is it very hard to set up your own blog? I’m not
very techincal but I can figure things out pretty quick.
I’m thinking about setting up my own but I’m not sure where to begin. Do you have any tips or suggestions?
Appreciate it
Aw, this was an extremely good post. Spending some time
and actual effort to make a great article… but what can I say… I put things off a whole lot and never seem to get nearly anything done.
Peculiar article, totally what I wanted to find.
Hello! This post couldn’t be written any better! Reading through this post reminds me of my previous
room mate! He always kept talking about this. I will forward
this write-up to him. Fairly certain he will have a
good read. Many thanks for sharing!
It’s appropriate time to make a few plans for the long run and it’s
time to be happy. I have learn this post and if I may I want to counsel you few
fascinating things or tips. Maybe you could write
subsequent articles referring to this article. I want to read more things about it!
Tremendous things here. I am very satisfied
to peer your article. Thanks a lot and I’m taking a look ahead to touch you.
Will you please drop me a mail?
Your style is very unique compared to other folks I’ve read
stuff from. Thank you for posting when you’ve
got the opportunity, Guess I’ll just bookmark this
blog.
magnificent points altogether, you simply won a brand
new reader. What might you suggest about your put up that you made a few days ago?
Any certain?
Good day! Do you know if they make any plugins to assist with SEO?
I’m trying to get my blog to rank for some targeted keywords but I’m not seeing very good gains.
If you know of any please share. Cheers!
Here is my blog post … slotpulsa88.xyz
If you desire to get a great deal from this article then you have to
apply these strategies to your won website.
Write more, thats all I have to say. Literally, it seems as though you relied on the video to make your point.
You clearly know what youre talking about, why waste your intelligence on just posting videos to
your blog when you could be giving us something informative to read?
It’s genuinely very difficult in this full of activity life to
listen news on TV, thus I just use world wide web for
that purpose, and obtain the most recent news.
Quality content is the crucial to be a focus for the viewers to visit the web site, that’s what this
site is providing.
Undeniably believe that that you stated. Your favourite reason appeared to be at the web the easiest thing to take into account of.
I say to you, I definitely get annoyed even as people consider concerns
that they just don’t recognize about. You controlled to hit the nail upon the top and also defined out the whole thing with no need side-effects ,
people can take a signal. Will probably be again to get more.
Thank you
I’m really loving the theme/design of your blog.
Do you ever run into any internet browser compatibility issues?
A small number of my blog readers have complained about
my blog not operating correctly in Explorer but looks great in Opera.
Do you have any solutions to help fix this issue?
Thanks for your marvelous posting! I truly enjoyed reading it,
you happen to be a great author. I will be sure to bookmark your blog and definitely will come back
someday. I want to encourage continue your great posts, have a nice afternoon!
Hey there would you mind sharing which blog platform you’re using?
I’m looking to start my own blog in the near future
but I’m having a tough time selecting between BlogEngine/Wordpress/B2evolution and Drupal.
The reason I ask is because your design and style seems different then most blogs and I’m
looking for something unique. P.S My apologies for getting off-topic but I had to ask!
If you desire to improve your familiarity only keep visiting this website and be
updated with the most recent news update posted here.
Hello! This is my first visit to your blog! We are a
group of volunteers and starting a new project in a
community in the same niche. Your blog provided us useful information to work on. You have done
a marvellous job!
Awesome issues here. I’m very satisfied to look your post.
Thanks so much and I am looking ahead to touch you. Will you kindly drop me a mail?
Thanks for finally talking about > Seguridad en una SAN Brocade III –
Activar administración por HTTPS | Almacenamiento Abierto login slot
online
Hello would you mind stating which blog platform you’re working with?
I’m going to start my own blog soon but I’m having a tough time selecting
between BlogEngine/Wordpress/B2evolution and Drupal.
The reason I ask is because your layout seems different then most blogs and I’m looking
for something completely unique. P.S Sorry for getting off-topic but I had to ask!
my page: agen poker deposit pulsa
Keep this going please, great job!
Wow, fantastic blog layout! How lengthy have you been blogging for?
you make blogging look easy. The whole glance of your web site is wonderful, let alone the content!
I do not even know how I stopped up here, however I assumed this
submit used to be great. I don’t understand who you might be however definitely you’re going to a well-known blogger
in the event you aren’t already. Cheers!
Quality articles or reviews is the secret to interest the visitors to go to
see the site, that’s what this web site is providing.