IIAS 1.0.14.0 apesklm command

You can use the apesklm command and its following IIAS 1.0.14.0 options to enable encryption for supplied storage type or device, add, display and delete SKLM information, and export storage devices certificate.

Syntax

apesklm [-h] {status,enable,add-sklm,info-sklm,del-sklm,export-cert}

Optional parameters

-h|--help
Displays help for the command.

Subcommands

status [-h] -s <fsn> [-d <device>] -a {yes,no}
Encryption key server status of appliance storage.

Parameters:

-s|--storage <fsn>
Type of the storage which status of the encryption key server should be displayed.
-d|--device <device>
Storage device host name which status of the encryption key server should be displayed.
-a|--alldevices {yes,no}
If yes, the status of the encryption key server of all devices is displayed.
enable [-h] [-s <fsn>] [-d <device>] [-t {primary,clone}] [-n <connection_name>] [-c <sklm_cert>] [-g <device_group>] [-a {yes,no}]
Enables encryption for supplied storage type or device.
Important: Before running apesklm enable command, you must follow the steps provided in Enabling storage hardware encryption with apesklm in IIAS 1.0.14.0.

Optional parameters:

-s|--storage <fsn>
Storage type to enable encryption.
-d|--device <device>
Storage device host name to enable encryption for the given device only.
-t|--sklmtype {primary,clone}
SKLM type. primary and clone are only possible arguments.
-n|--nameforconnection <connection_name>
SKLM connection name.
-c|--sklmcert <sklm_cert>
Path to the SKLM server certificate.
-g|--devicegroup <device_groupname>
Storage device group.
-a|--alldevices {yes,no}
If yes, the command enables encryption for all devices of supplied storage type. If no, encryption is enabled for specific device or storage type provided with -d option.
add-sklm [-h] -i <sklm_ip> -p <sklm_port> -t {primary,clone}
Adds SKLM information.

Parameters required:

-i|--sklmip <sklm_ip>
SKLM host IP.
-p|--sklmport <sklm_port>
SKLM host port.
-t|--sklmtype {primary,clone}
SKLM type. Must be set to primary or clone.
info-sklm [-h]
Displays information about SKLM.
del-sklm [-h]
Deletes SKLM information.
export-cert [-h] -s <fsn> -l <loc>
Exports storage device certificates to the platform node.

Parameters required:

-s|--storage <fsn>
Storage device type.
-l|--loc <loc>
Export location on the platform node.