Replacing Certificates on Storage Systems

Procedure

1. Log in to DeviceManager.
2. Choose Settings > Certificate Management.
3. Select the type of certificate you want to export and click Export Request File. Specify the Certificate Key Algorithm and click OK.
4. Import and activate the signed certificate.
   1. Send the certificate request file to a certificate authority or sign it with an enterprise root certificate. After the certificate is signed, click Import Certificate on DeviceManager.

      The Import Certificate dialog box is displayed.

   2. Configure the certificate parameters listed in Table 12-8.
      Table 12-8 Certificate parameters

      Parameter	Description
      Certificate File	Certificate file that has been exported and signed.
      CA Certificate File	Certificate file of a server.
      Private Key File	Private key file of a device.

   3. Click OK.

      A security alert dialog box is displayed.

   4. Confirm the information in the dialog box and select I have read and understand the consequences associated with performing this operation. Then click OK.

      The Success dialog box is displayed.

   5. Click OK.

      The certificate list shows imported certificates.

      The CA certificate is not displayed in the certificate list.

5. View the certificate information. Table 12-9 describes the parameters.
   Table 12-9 Certificate parameters

   Parameter	Description
   Scenario	Scenario where a certificate is used.
   Expiration Warning Days	Days before certificate expiration. When the period starts, the system sends warning to users about the expiration. NOTE: The value ranges from 7 to 180.
   Client Certificates	Number of client certificates.
   CA Certificates	Number of CA certificates.
   Certificate Revocation Lists	Number of certificate revocation lists. NOTE: You can view certificate revocation lists to check the CA certificate availability.

6. Modify a certificate.
   1. Select a certificate that you want to modify and click Modify.

      The Modify dialog box is displayed.

   2. Modify the certificate parameters listed in Table 12-10.
      Table 12-10 Certificate parameters

      Parameter	Description
      Expiration Warning Days	Days before certificate expiration. When the period starts, the system sends warning to users about the expiration. NOTE: The value ranges from 7 to 180.
      New Private Key Encryption Password	New encryption password for private key files.
      Confirm Password	Password confirmation.

   3. Click OK.

      The Success dialog box is displayed.

   4. Click OK.

7. Manage Certificate Revocation Lists (CRLs).
   • Import a CRL.
     1. Click Import Revocation List.
     2. In the dialog box that is displayed, select a CRL file and click OK.
     3. Confirm the information in the dialog box and select I have read and understand the consequences associated with performing this operation.
     4. Click OK.

        A dialog box is displayed indicating that the operation is successful.

   • Query the CRLs.

     Click the name of a certificate under Scenario and query the certificate details.