Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
Chapter 1 FIPS Management
1-14
Cisco IronPort AsyncOS 7.3 for Email Advanced Configuration Guide
OL-23081-01
The Backup and Restore page is displayed.
Step 2
Under the Backup Certificates and Keys section, choose the file name to use for
the XML file that will contain the encrypted certificate and key pairs. You can
define your own file name or AsyncOS can choose one for you.
the XML file that will contain the encrypted certificate and key pairs. You can
define your own file name or AsyncOS can choose one for you.
Step 3
Click Backup.
Step 4
Choose to save the file, and click OK.
Step 5
Navigate to the directory on the local machine to where you want to save the XML
file, and click Save.
file, and click Save.
Restoring Certificates and Keys
When you back up the certificates and keys the HSM card manages, the keys are
encrypted. Because the keys are encrypted, they can only be restored on a
different Email Security appliance if the master key on the other appliance is the
same as the one from which the certificates and keys were backed up. Note that
when the HSM card gets initialized, its master key changes. For more information
on copying the master key between appliances, see
encrypted. Because the keys are encrypted, they can only be restored on a
different Email Security appliance if the master key on the other appliance is the
same as the one from which the certificates and keys were backed up. Note that
when the HSM card gets initialized, its master key changes. For more information
on copying the master key between appliances, see
.
To restore a certificate and key pair stored in an XML file:
Step 1
From the FIPS Mode menu, management console, choose FIPS Backup/Restore.
The Backup and Restore page is displayed.
Step 2
Under the Restore Certificates and Keys section, click Browse.
Step 3
Navigate to the directory on the local machine where the XML file resides, and
click Open.
click Open.
Step 4
Click the check boxes for the certificate and key pairs you want to restore.
Step 5
Click Restore.
Using the fipsconfig CLI Command
AsyncOS for Email includes the
fipsconfig
CLI command to perform the
following tasks: