The PowerStore certificate and credential infrastructure allows for the exchange of server and client certificates, and user credentials. This process includes:
- Retrieving and validating a server certificate during TLS handshake
- Adding the trusted CA certificate from the remote system to the credential store
- Adding the trusted server/client certificate to the credential store
- Helping to establish secure connections when the trust is established
PowerStore supports the following certificate management functionality:
- For replication, a certificate exchange between two PowerStore clusters to establish trusted management communication. To facilitate replication between PowerStore clusters, bi-directional trust must be established between the clusters to allow for mutual TLS authentication when issuing replication REST control requests.
- For data import, a certificate and credentials exchange with persistence, to establish a secure connection between a Dell storage system—a VNX, Unity, Storage Center (SC), or a Peer Storage (PS) system—and a PowerStore cluster.