Home » Seguridad en una SAN Brocade III – Activar administración por HTTPS

Seguridad en una SAN Brocade III – Activar administración por HTTPS

En el post  Seguridad en una SAN Brocade II – Administración con protocolos inseguros  se vió como denegar el acceso a los switches Brocade a través del interfaz de administración por protocolos no seguros, TELNET y HTTP. A continuación veremos como activar el protocolo HTTPS para acceder a la herramienta WEB TOOLSEl procedimiento se compone de una miscelanea de fuentes ya que el descrito en el Admin Guide del Fabric OS no es exacto. Se describe a continuación como se ha generado para el core de una fabric y de forma análoga se debe de realizar en el resto de switches: 

1.- Hacer login con usuario con privilegios de administrador por SSH al switch al que se habilitará HTTPS y ejecutar la siguiente secuencia de comandos: 

core1:angel> seccertutil genkey 
Generating a new key pair will automatically do the following: 
1. Delete all existing CSRs. 
2. Delete all existing certificates. 
3. Reset the certificate filename to none. 
4. Disable secure protocols. 

Continue (yes, y, no, n): [no] yes 
Select key size [1024 or 2048]: 1024 
Generating new rsa public/private key pair 

core1:angel> seccertutil gencsr 
Country Name (2 letter code, eg, US):ES 
State or Province Name (full name, eg, California):Sevilla 
Locality Name (eg, city name):Sevilla 
Organization Name (eg, company name):AA 
Organizational Unit Name (eg, department name):LABS 
Common Name (Fully qualified Domain Name, or IP address):core1 
Generating CSR, file name is: 

core1:angel> seccertutil export 
Select protocol [ftp or scp]: ftp 
Enter IP address: 
Enter remote directory: /home/angel/certs/ 
Enter Login Name: angel 
Enter Password:  
Success: exported CSR. 

2.- Copiar el fichero CSR a un servidor que contenga las utilidades openssl y el par de clave/certificado de la Agencia Certificadora "cacert.pem y cakey.pem". El siguiente comando generará a partir del fichero CSR un certificado que importaremos desde el switch para activar el sevicio HTTPS: 


angel@miequipo ~/pendiente/certificados $ openssl x509 -req -days 3650 -in -CA cacert.pem -CAkey cakey.pem -set_serial 01 -out 
Signature ok 
Getting CA Private Key 
Enter pass phrase for cakey.pem: 

En este caso se ha asignado un serial para cada switch (-set_serial) de la siguiente forma: 


core1 –> 01 
core2 –> 02 
edge4 –> 03 
edge2 –> 04 
edge8 –> 05 
edge6 –> 06 
edge3 –> 07 
edge1 –> 08 
edge7 –> 09 
edge5 –>10 

3.- El certificado creado importarlo en el switch 


core1:angel> seccertutil import -config swcert -enable https 
Select protocol [ftp or scp]: ftp 
Enter IP address: 
Enter remote directory: /home/angel/certs/ 
Enter certificate name (must have ".crt" or ".cer" ".pem" or ".psk" suffix): 
Enter Login Name: angel 
Enter Password:  
Success: imported certificate []. 
Certificate file in configuration has been updated. 
Secure http has been enabled. 

De esta forma ya está el servicio HTTPS levantado.

1.117 Responses to “Seguridad en una SAN Brocade III – Activar administración por HTTPS”

  1. You really make it seem really easy along with your presentation but
    I in finding this topic to be really one thing that I feel I might by no means understand.
    It seems too complicated and very wide for me. I’m looking forward for your subsequent submit, I will attempt to get the cling
    of it!

  2. I have read so many content concerning the blogger lovers however this article is truly
    a pleasant article, keep it up.

  3. It’s actually a cool and useful piece of info. I’m glad that you just shared this helpful information with us.
    Please stay us informed like this. Thanks for sharing.

  4. Howdy! I know this is kind of off topic but I was wondering if you
    knew where I could get a captcha plugin for my comment form?
    I’m using the same blog platform as yours and I’m having difficulty finding one?
    Thanks a lot!

  5. This is a topic that is near to my heart… Take care!

    Where are your contact details though?

  6. Hey there! Quick question that’s totally off topic. Do you know how to make your site mobile friendly?
    My website looks weird when browsing from my apple iphone.
    I’m trying to find a theme or plugin that might be
    able to fix this issue. If you have any suggestions, please share.
    Thank you!

  7. I was wondering if you ever considered changing the layout of your
    site? Its very well written; I love what youve got to say.
    But maybe you could a little more in the way of content so people could connect with it better.
    Youve got an awful lot of text for only having one or two pictures.

    Maybe you could space it out better?

  8. I truly love your website.. Pleasant colors & theme.
    Did you make this amazing site yourself? Please
    reply back as I’m looking to create my own site and would like to learn where you got this from or
    just what the theme is named. Thanks!

  9. Thankfulness to my father who informed me on the topic of this blog, this web
    site is genuinely awesome.

  10. Way cool! Some very valid points! I appreciate you writing this article and the rest of the website is also really good.

  11. If you are going for best contents like myself, simply pay a quick visit
    this site every day since it provides feature contents, thanks

  12. It’s going to be ending of mine day, but before ending I am reading this enormous paragraph to increase my know-how.

  13. I know this if off topic but I’m looking into starting
    my own weblog and was wondering what all is required to get set up?
    I’m assuming having a blog like yours would cost a pretty penny?
    I’m not very web savvy so I’m not 100% positive. Any recommendations
    or advice would be greatly appreciated. Thank

  14. I’m not sure exactly why but this site is loading very slow for me.
    Is anyone else having this problem or is it a
    issue on my end? I’ll check back later and see if the problem still exists.

  15. Hello to every one, the contents existing at this web page are really
    remarkable for people knowledge, well, keep up the nice work fellows.

  16. My spouse and I absolutely love your blog and find almost all
    of your post’s to be exactly I’m looking for. can you offer
    guest writers to write content available for you?
    I wouldn’t mind publishing a post or elaborating on most of the
    subjects you write with regards to here. Again, awesome website!

  17. Everything is very open with a precise description of the challenges.
    It was really informative. Your website is extremely helpful.
    Thanks for sharing!

  18. Hi i am kavin, its my first occasion to commenting anywhere,
    when i read this article i thought i could also make comment due to this good piece of writing.

  19. Heya! I just wanted to ask if you ever have any issues with hackers?
    My last blog (wordpress) was hacked and I ended up losing a few months
    of hard work due to no back up. Do you have any solutions to prevent hackers?

  20. akvalife.by dice:

    What’s up to all, because I am actually keen of reading this blog’s post
    to be updated daily. It consists of fastidious material.

  21. Very good article. I definitely love this website.
    Stick with it!

    Here is my web-site :: slot via pulsa

  22. discuss dice:

    What a material of un-ambiguity and preserveness of precious experience about
    unpredicted emotions.

  23. I used to be able to find good advice from your content.

  24. What’s up to all, how is the whole thing, I think every one is getting more from this website,
    and your views are pleasant in favor of new visitors.

  25. Hi there, its nice paragraph about media print, we all know media is a wonderful
    source of information.

  26. discuss dice:

    I love your blog.. very nice colors & theme. Did you design this website yourself or did you hire someone to do it
    for you? Plz answer back as I’m looking to design my own blog
    and would like to find out where u got this from.

    many thanks

  27. Fastidious answer back in return of this matter with real arguments and explaining all about that.

  28. It’s in reality a great and helpful piece of information. I am glad
    that you just shared this useful information with us.

    Please keep us informed like this. Thank you for

  29. Hey There. I discovered your weblog the use of msn. That is
    a very neatly written article. I’ll be sure to bookmark it and come back to
    read extra of your useful info. Thank you for the post. I’ll certainly comeback.

  30. Hello I am so grateful I found your webpage, I really found you by accident, while
    I was searching on Yahoo for something else, Nonetheless I am here now and would
    just like to say many thanks for a fantastic post and a all round
    entertaining blog (I also love the theme/design), I don’t have time to read it all
    at the minute but I have saved it and also added your RSS feeds, so when I have time I will be back to
    read much more, Please do keep up the great b.

    my site; https://fcbarcelona-indonesia.com

  31. Thankfulness to my father who shared with me regarding this blog, this webpage
    is truly awesome.

    Here is my web blog: slot deposit via pulsa

  32. Wonderful, what a blog it is! This blog gives
    valuable information to us, keep it up.

  33. If you wish for to improve your experience just keep visiting this website and
    be updated with the newest information posted here.

  34. Does your website have a contact page? I’m having problems locating it but, I’d like to shoot you an email.
    I’ve got some ideas for your blog you might be interested in hearing.
    Either way, great website and I look forward to seeing it grow over time.

  35. Antonia dice:

    Appreciate this post. Will try it out.

  36. Magnificent website. Plenty of useful info here. I am sending it to several pals ans additionally sharing in delicious.
    And of course, thanks for your effort!

  37. fantastic points altogether, you simply gained a brand new reader.
    What may you recommend in regards to your publish that you just made a few days in the past?
    Any sure?

  38. telegra.ph dice:

    I always emailed this webpage post page to all my friends, because if like to read it after that my links will too.

  39. These are really impressive ideas in on the topic of blogging.

    You have touched some fastidious factors here. Any way keep up

  40. Very nice post. I just stumbled upon your blog and wished
    to say that I’ve truly loved surfing around your weblog posts.
    After all I’ll be subscribing to your rss feed and I hope
    you write again soon!

  41. I know this if off topic but I’m looking into starting my own weblog and
    was wondering what all is required to get setup? I’m assuming having a
    blog like yours would cost a pretty penny? I’m not very web savvy so I’m not 100% positive.

    Any suggestions or advice would be greatly appreciated.

  42. Yes! Finally something about Situs Slot Gacor 2022.

  43. I all the time used to study piece of writing in news papers but now
    as I am a user of net so from now I am using net for articles, thanks to

  44. I need to to thank you for this fantastic read!! I certainly loved every bit of it.
    I’ve got you book-marked to check out new stuff you post…

  45. Hey I know this is off topic but I was wondering if you knew of any widgets I could add to my blog that automatically tweet my newest twitter
    updates. I’ve been looking for a plug-in like this
    for quite some time and was hoping maybe you would
    have some experience with something like this.
    Please let me know if you run into anything. I truly enjoy reading your blog and I look forward to your new updates.

  46. Everything is very open with a really clear explanation of the challenges.
    It was definitely informative. Your website
    is useful. Many thanks for sharing!

  47. sbank-gid.ru dice:

    My family always say that I am killing my time here at net, except I know
    I am getting familiarity daily by reading such pleasant posts.

  48. Wow, this paragraph is fastidious, my sister is analyzing
    these things, therefore I am going to convey her.

  49. Its like you read my mind! You appear to know a lot about this, like you wrote
    the book in it or something. I think that you can do with some pics to drive the message home a bit,
    but instead of that, this is magnificent blog. An excellent read.

    I will definitely be back.

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *