En el post Seguridad en una SAN Brocade II – Administración con protocolos inseguros se vió como denegar el acceso a los switches Brocade a través del interfaz de administración por protocolos no seguros, TELNET y HTTP. A continuación veremos como activar el protocolo HTTPS para acceder a la herramienta WEB TOOLS. El procedimiento se compone de una miscelanea de fuentes ya que el descrito en el Admin Guide del Fabric OS no es exacto. Se describe a continuación como se ha generado para el core de una fabric y de forma análoga se debe de realizar en el resto de switches:
1.- Hacer login con usuario con privilegios de administrador por SSH al switch al que se habilitará HTTPS y ejecutar la siguiente secuencia de comandos:
core1:angel> seccertutil genkey
Generating a new key pair will automatically do the following:
1. Delete all existing CSRs.
2. Delete all existing certificates.
3. Reset the certificate filename to none.
4. Disable secure protocols.Continue (yes, y, no, n): [no] yes
Select key size [1024 or 2048]: 1024
Generating new rsa public/private key pair
Done.core1:angel> seccertutil gencsr
Country Name (2 letter code, eg, US):ES
State or Province Name (full name, eg, California):Sevilla
Locality Name (eg, city name):Sevilla
Organization Name (eg, company name):AA
Organizational Unit Name (eg, department name):LABS
Common Name (Fully qualified Domain Name, or IP address):core1
Generating CSR, file name is: 192.168.100.1.csr
Done.core1:angel> seccertutil export
Select protocol [ftp or scp]: ftp
Enter IP address: 192.168.200.1
Enter remote directory: /home/angel/certs/
Enter Login Name: angel
Enter Password:
Success: exported CSR.
2.- Copiar el fichero CSR a un servidor que contenga las utilidades openssl y el par de clave/certificado de la Agencia Certificadora "cacert.pem y cakey.pem". El siguiente comando generará a partir del fichero CSR un certificado que importaremos desde el switch para activar el sevicio HTTPS:
angel@miequipo ~/pendiente/certificados $ openssl x509 -req -days 3650 -in 192.168.100.1.csr -CA cacert.pem -CAkey cakey.pem -set_serial 01 -out 192.168.100.1.pem
Signature ok
subject=/C=ES/ST=Sevilla/L=Sevilla/O=AA/OU=LABS/CN=core1
Getting CA Private Key
Enter pass phrase for cakey.pem:
En este caso se ha asignado un serial para cada switch (-set_serial) de la siguiente forma:
core1 –> 01
core2 –> 02
edge4 –> 03
edge2 –> 04
edge8 –> 05
edge6 –> 06
edge3 –> 07
edge1 –> 08
edge7 –> 09
edge5 –>10
3.- El certificado creado importarlo en el switch
core1:angel> seccertutil import -config swcert -enable https
Select protocol [ftp or scp]: ftp
Enter IP address: 192.168.200.1
Enter remote directory: /home/angel/certs/
Enter certificate name (must have ".crt" or ".cer" ".pem" or ".psk" suffix):192.168.100.1.pem
Enter Login Name: angel
Enter Password:
Success: imported certificate [192.168.100.1.pem].
Certificate file in configuration has been updated.
Secure http has been enabled.
De esta forma ya está el servicio HTTPS levantado.
Hi there to every one, it’s in fact a fastidious for me to pay a visit this web page,
it consists of valuable Information.
Informative article, exactly what I was looking for.
You could definitely see your skills within the work you write.
The arena hopes for more passionate writers like you who aren’t afraid to
say how they believe. At all times go after your heart.
This is a topic that is near to my heart… Thank you!
Exactly where are your contact details though?
Do you mind if I quote a few of your posts as long as I
provide credit and sources back to your website? My blog is in the
exact same niche as yours and my users would certainly benefit from some of the information you present here.
Please let me know if this alright with you. Thanks a lot!
Genuinely when someone doesn’t understand afterward its up
to other users that they will assist, so here it occurs.
Hi to every body, it’s my first pay a visit of this website;
this website contains amazing and in fact good information in favor of visitors.
hello!,I really like your writing very much! proportion we keep in touch
more approximately your post on AOL? I need an expert in this area to unravel my problem.
Maybe that’s you! Having a look ahead to look you.
No matter if some one searches for his necessary thing, thus he/she desires to be available that in detail, therefore that thing is maintained over here.
Very nice post. I just stumbled upon your
weblog and wanted to say that I have truly enjoyed browsing your blog posts.
After all I’ll be subscribing to your feed and I hope you write again very soon!
Please let me know if you’re looking for a writer for your weblog.
You have some really great articles and I think I would be a good asset.
If you ever want to take some of the load off, I’d really like
to write some content for your blog in exchange for a link
back to mine. Please send me an e-mail if interested. Many thanks!
Great blog! Do you have any tips for aspiring writers? I’m hoping
to start my own website soon but I’m a little lost on everything.
Would you propose starting with a free platform like WordPress or go
for a paid option? There are so many choices out there that I’m totally confused ..
Any recommendations? Thank you!
Thanks in favor of sharing such a pleasant thought, paragraph is pleasant,
thats why i have read it fully
I constantly spent my half an hour to read this blog’s posts all the time along with a mug of coffee.
Great post.
I am sure this piece of writing has touched all the internet viewers, its really really fastidious paragraph
on building up new weblog.
Excellent write-up. I definitely love this site. Keep it up!
This information is invaluable. When can I find out more?
I always used to read piece of writing in news papers
but now as I am a user of net therefore from now I am using net for posts,
thanks to web.
Have you ever considered publishing an ebook or guest
authoring on other sites? I have a blog based upon on the same ideas you discuss
and would really like to have you share some stories/information. I know my visitors would appreciate your
work. If you’re even remotely interested, feel free to send me an email.
you’re truly a excellent webmaster. The site loading speed is amazing.
It kind of feels that you are doing any distinctive trick.
In addition, The contents are masterwork. you have done a magnificent process in this topic!
I have read a few good stuff here. Definitely price bookmarking for revisiting.
I wonder how much effort you put to make this type of
excellent informative website.
Here is my web page https://ayam-laga.com
Helpful information. Fortunate me I found your web site by accident, and I’m stunned why
this twist of fate didn’t came about in advance! I bookmarked
it.
I am sure this piece of writing has touched all the internet users, its really really good article on building up new web
site.
Good day! I know this is kind of off topic but I was wondering which blog platform
are you using for this website? I’m getting sick and tired of
Wordpress because I’ve had problems with hackers and I’m looking at options for
another platform. I would be great if you could point me in the direction of a
good platform.
Howdy, I do believe your website may be having internet browser compatibility issues.
When I look at your blog in Safari, it looks fine however,
if opening in Internet Explorer, it’s got some overlapping issues.
I just wanted to provide you with a quick
heads up! Apart from that, fantastic website!
Wow, this paragraph is pleasant, my younger
sister is analyzing these kinds of things, so I am going to let know
her.
You are so cool! I do not believe I have read a single thing like that before.
So wonderful to discover someone with a few unique thoughts on this topic.
Really.. thank you for starting this up. This website is one thing that’s needed on the internet, someone with some originality!
Amazing blog! Do you have any suggestions for aspiring writers?
I’m planning to start my own site soon but I’m a little lost on everything.
Would you recommend starting with a free platform like
Wordpress or go for a paid option? There are so many options out there that I’m totally overwhelmed ..
Any ideas? Thanks!
After looking at a handful of the blog posts on your website, I truly appreciate your technique of writing
a blog. I saved as a favorite it to my bookmark site list and will
be checking back in the near future. Take a look at my website too and
let me know what you think.
Aw, this was a very nice post. Taking the time
and actual effort to create a top notch article… but what can I
say… I procrastinate a whole lot and don’t seem to get anything done.
Way cool! Some very valid points! I appreciate you penning
this article and also the rest of the site is also really good.
I loved as much as you will receive carried out right here.
The sketch is attractive, your authored subject matter stylish.
nonetheless, you command get got an edginess over
that you wish be delivering the following. unwell unquestionably come further formerly again as
exactly the same nearly a lot often inside case you shield this hike.
Normally I don’t read post on blogs, however I wish to say that this
write-up very forced me to check out and do so! Your writing
taste has been amazed me. Thank you, very great post.
I love it whenever people get together and share views.
Great blog, stick with it!
I think this is among the most important information for me.
And i’m glad reading your article. But want to remark on few general things, The site style is
ideal, the articles is really excellent : D. Good job, cheers
First of all I would like to say excellent blog!
I had a quick question which I’d like to ask if you do not mind.
I was interested to find out how you center yourself and clear your mind before writing.
I have had a hard time clearing my thoughts in getting
my thoughts out there. I truly do enjoy writing but it just seems like the first 10 to 15 minutes are usually wasted just trying to figure out how to begin. Any suggestions
or tips? Appreciate it!
I’m excited to discover this web site. I want to to thank you for your time for this fantastic read!!
I definitely enjoyed every little bit of it and i also have you saved as a favorite to
look at new things in your blog.
Thank you for another informative website. Where else may I get that type of information written in such an ideal manner?
I’ve a project that I’m simply now operating on, and I have been on the glance
out for such information.
You ought to take part in a contest for one of the finest
websites on the net. I most certainly will highly recommend this web site!
Its like you read my mind! You appear to know a lot about this, like you wrote the book in it or something.
I think that you can do with a few pics to drive the message
home a little bit, but instead of that, this is excellent blog.
An excellent read. I’ll certainly be back.
You really make it seem really easy with your presentation but I in finding this topic to be actually one
thing that I believe I’d never understand. It sort of feels
too complicated and extremely huge for me. I am having a look ahead to your next publish, I will attempt to
get the cling of it!
I like reading through an article that can make people think.
Also, many thanks for allowing me to comment!
I think that what you composed was very reasonable. But, think on this, suppose you added a little information? I am not saying your information is not solid, however what if you added something that grabbed people’s attention? I mean Seguridad en una SAN Brocade III
– Activar administración por HTTPS | Almacenamiento Abierto is kinda plain. You might glance at Yahoo’s
home page and watch how they create article titles
to grab viewers to click. You might add a video or a related
picture or two to get readers interested about everything’ve
written. Just my opinion, it might make your posts a little livelier.
bookmarked!!, I like your blog!
Have you ever thought about including a little bit more than just
your articles? I mean, what you say is important and everything.
Nevertheless just imagine if you added some great visuals or video clips to give your posts more, «pop»!
Your content is excellent but with pics and clips, this website could certainly be one of the greatest in its niche.
Excellent blog!
What’s Taking place i am new to this, I stumbled upon this I have found It positively useful
and it has aided me out loads. I hope to contribute & help different customers like its aided
me. Good job.
Hi there! Do you use Twitter? I’d like to follow
you if that would be okay. I’m undoubtedly enjoying your blog and look forward to new updates.
Good day very cool web site!! Man .. Excellent .. Superb ..
I will bookmark your web site and take the feeds also? I am happy to find so many useful information here within the publish, we
want develop more strategies on this regard, thanks for sharing.
. . . . .
Appreciate this post. Let me try it out.