Setting up the client certificate

Use the following process to prepare the client certificate.

Note: The client certificate on the key management server must remain current and not expired. If the client certificate expires or is not current, the storage system will not be able to access the key management server.

Procedure

  1. Download and install openssl.exe from http://www.openssl.org/ to the C:\openssl folder.

  2. Create the key file. You can create the following types of key files:

    • Private key (.key) file. To create the private key, see the System Administrator Guide.
    • Public key (.csr) file. To create the public key, see the System Administrator Guide.
  3. If you created a Public key (.csr) file, submit the Public key (.csr) file to an appropriate trusted internal or third-party Certificate Authority for signing.

  4. Convert the client certificate to PKCS#12 format.

    1. From an open command prompt, change the current directory to the folder where you want to save the client certificate in the PKCS#12 format.

    2. Move the private SSL key file (.key) and the client certificate to the current directory, and then run the conversion command.

      The following example uses an output folder of C:\key, a private key file (client.key), and a client certificate file (client.crt).

      C:\key>c:\openssl\bin\openssl pkcs12 -export -in client.crt -inkey client.key -out client.p12

    3. Type the client certificate password. The password can be from 0 to 128 characters in length. The valid characters for the password are:

      • Numbers (0 to 9)
      • Upper case letters (A-Z)
      • Lower case letters (a-z)
      • The following symbols: ! # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~
  5. Upload the root and client certificates to the SVP.

    1. In the Device Manager - Storage Navigator main window, select Administration in Explorer, and select Encryption Keys.

    2. In the Encryption Keys window, click Edit Encryption Environmental Settings.

    3. Upload the certificates.
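
The following PowerShell script is an added example, not vendor-supplied code. It wraps step 4 with the checks implied by the Note and by the password rules: the certificate's validity window, that client.key belongs to client.crt, the documented password length and character set, and that the resulting client.p12 can be re-opened. Paths and file names follow the example in step 4; the 30-day warning threshold and the P12_PASS variable name are assumptions.

```powershell
# Added example, not vendor code. Paths and file names follow the page's example;
# $warnDays and the P12_PASS environment variable name are assumptions.
$openssl  = 'C:\openssl\bin\openssl.exe'
$crt, $key, $p12 = 'C:\key\client.crt', 'C:\key\client.key', 'C:\key\client.p12'
$warnDays = 30

# 1. Validity window: the certificate must be current (NotBefore) and not expired (NotAfter).
$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($crt)
$now  = Get-Date
if ($now -lt $cert.NotBefore) { throw "Certificate is not valid until $($cert.NotBefore)" }
if ($now -gt $cert.NotAfter)  { throw "Certificate expired on $($cert.NotAfter)" }
if ($cert.NotAfter -lt $now.AddDays($warnDays)) {
    Write-Warning "Certificate expires on $($cert.NotAfter); plan the renewal."
}

# 2. Key/certificate match: the public key derived from each file must be identical.
#    (openssl prompts for the key passphrase here if client.key is encrypted.)
$pubFromCrt = (& $openssl x509 -in $crt -noout -pubkey) -join "`n"
$pubFromKey = (& $openssl pkey -in $key -pubout) -join "`n"
if (-not $pubFromCrt -or $pubFromCrt -ne $pubFromKey) {
    throw 'client.key does not match client.crt'
}

# 3. Password: 0 to 128 characters from the documented set, which is printable
#    ASCII 0x21-0x7E without the double quote (0x22); spaces are not allowed.
$secure = Read-Host -AsSecureString 'PKCS#12 password'
$pw     = [System.Net.NetworkCredential]::new('', $secure).Password
if ($pw -cnotmatch '\A[\x21\x23-\x7E]{0,128}\z') {
    throw 'Password is outside the documented length or character set'
}

# 4. Export with the password passed through the environment instead of the
#    command line, then re-open the file to confirm the password unlocks it.
#    PowerShell cannot hold an empty environment variable, so use "pass:" for that case.
if ($pw.Length -eq 0) { $src = 'pass:' } else { $env:P12_PASS = $pw; $src = 'env:P12_PASS' }
try {
    & $openssl pkcs12 -export -in $crt -inkey $key -out $p12 -passout $src
    if ($LASTEXITCODE -ne 0) { throw 'PKCS#12 export failed' }
    & $openssl pkcs12 -in $p12 -noout -passin $src
    if ($LASTEXITCODE -ne 0) { throw 'client.p12 could not be re-opened with this password' }
} finally {
    Remove-Item Env:\P12_PASS -ErrorAction SilentlyContinue
}
```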