No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionStorage V100R006C20 Object Storage Service Security Maintenance 03

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Enabling the CA Certificate Check Function

Enabling the CA Certificate Check Function

FusionStorage supports check for validity of a CA certificate. This section explains how to enable the CA certificate check function.

Prerequisites

CA certificate files have been obtained.

Context

FusionStorage supports CA certificate check for Identity and Access Management (IAM), and Business Support System (BSS). The CA certificate check function is disabled by default and can be enabled after being imported. The certificate check function keeps disabled for the network elements that do not provide CA certificates.

Procedure

  1. Start PUTTY and enter the management IP address to log in as account omuser to the cluster. The default password is Omuser@storage.

    Run the su - root command to switch to user root. The default password is Root@storage.

  2. Run the cli_start -u admin command and press Enter.
  3. Type the password and press Enter to log in to the CLI as user admin.

    You can use the default user name admin and password Admin@storage of the super administrator to log in for the first time.

  4. Run CLI commands after the CLI prompt changes to admin:/>.

    The command prompt shows the name of the user that has logged in to the CLI.

  5. Check the status of the CA certificate check function.

    Run the show object_storage_check_server_certification command to query the CA certificate check status of cross-zone remote data replication, BSS and IAM. By default, all status is false.
    admin:/>show object_storage_check_server_certification
      bss server-certification : false 
      iam server-certification : false 

  6. Enable the CA certificate check function.

    Run the following commands to enable the CA certificate check function for cross-zone remote data replication, BSS and IAM.
    • change object_storage_check_server_certification bss true
    • change object_storage_check_server_certification iam true
    To disable this function, run the following commands to respectively disable cross-zone remote data replication, the check functions of the CA certificates interconnecting with BSS and IAM.
    • change object_storage_check_server_certification bss false
    • change object_storage_check_server_certification iam false

Translation
Download
Updated: 2019-02-01

Document ID: EDOC1100016657

Views: 5482

Downloads: 5

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next