Connectrix Brocade B-Series: How to get TruFOS certificates and what do they mean.

What are Brocade Trusted Fabric OS (TruFOS) Certificates?
Brocade TruFOS Certificates guarantee that a switch is running authentic Fabric OS code in a manner that is supported by Broadcom/Brocade and their OEM partners.
Each TruFOS Certificate is uniquely generated for an individual switch, verifying that the switch and the FOS image are genuine, unmodified Brocade products.
TruFOS Certificates are shipped with Switches and or Directors that have factory installed FOS v9.0.x or later.
Switches shipped with FOS versions prior to v9.0.x will not have a factory-installed Brocade TruFOS Certificate.

What is required to request a TruFOS certificate?
To be able to obtain the TRUFOS certificate from the Brocade portal, the license ID is needed from the switch.
That can be collected using the command;

license --show

Example:

SwitchName:admin> license --show
  License Id : 10:00:d8:1f:cc:99:aa:33
  License 1 :
  -------------------------------------------------------------
    License serial number   : FOS-86-0-03-11477454
[truncated]

Where do I go to obtain a Brocade TruFOS Certificate?
Customers with support entitlement may obtain updated TruFOS Certificates through the Broadcom Assist Portal.  https://assist.broadcom.com/group/assist/home//-/portal/downloads (External Link)

Up to 10 TruFOS Certificates can be requested at a time by entering the license IDs (LIDs), or for bulk requests, up to 100 TruFOS Certificates may be requested at a time by submitting a file with the LIDs.
 

Accessed using:
The OEM Assist site: Click the Request Trusted FOS (TruFOS) Certificate link.


Or using:
Brocade Customer Support Portal (CSP): Brocade Storage Networking > License Management > TruFOS Certificate


TruFOS Certificate Request Page (accessed using OEM Assist Site or Brocade CSP)


How to apply a Brocade TruFOS Certificate to a switch?
An updated TruFOS Certificate can be applied to a switch either manually or automatically.
See for full explanation in the below knowledge base article:
Connectrix Brocade B-Series: How to apply a Brocade TruFOS Certificate to a switch


Frequently Asked Questions:

Do Brocade TruFOS Certificates expire?
Yes
All TruFOS Certificates have an expiration date embedded in them. Users may request an updated TruFOS Certificate to replace a certificate that is expiring or has expired.
Updated TruFOS Certificates are valid for one year or to the expiration date of the current Brocade support or maintenance contract, whichever comes first.
Users may install an updated TruFOS Certificate at any time, they do not have to wait until an existing certificate has expired or is about to expire.

How do I know if my TruFOS Certificate has expired or is about to expire?
Notification of upcoming TruFOS Certificate expiration dates occurs using Brocade MAPS events and through the SANnav Management Portal Inventory view.
• Brocade FOS MAPS events are generated weekly when a certificate is 60 days from expiration and are generated monthly following expiration.
• SANnav Management Portal alerts users of upcoming TruFOS Certificate expiration 60 days from expiration.
(Fabric OS comes with a default base MAPS policy enabled from manufacturing which does not require a Fabric vision license. Fabric OS 9.1.x includes TruFOS monitoring, which is part of the MAPS default monitoring.)

What happens to the switch if the TruFOS Certificate expires?
An expired TruFOS Certificate will never impact a switch’s ability to perform basic operations.
• An expired or missing TruFOS Certificate will not impact any switching operations, connectivity, or any other behavior related to regular SAN fabric operations.
• No support or maintenance functions are restricted due to the absence or expiration of a TruFOS Certificate.
• A switch that has an expired TruFOS Certificate cannot load FOS v9.1.0 or later releases.

What happens if a switch does not have a TruFOS Certificate?
The switch continues to function, but it cannot load FOS v9.1.0 or later or migrate from FOS v9.1.0 or later to a different FOS release.

ED-X6/DS-6630B: TruFOS certificates must be installed first before loading FOS v9.1.0 or later or migrating from FOS v9.1.0 or later to another FOS release.
DS-6610B/DS-66210B / DS-7720/MP-7810 / MP-7850: TruFOS certificates must be installed first when loading FOS v9.2.0 or later or migrating from FOS v9.2.0 or later to another FOS release.

Always check the latest version of release notes for any updates on TruFOS certificate requirements.

What happens if a switch is replaced (RMA/FRU units)?
Brocade switches and directors that are replaced receive a 30-day TruFOS Certificate as part of the existing license transfer process for the replacement units.
If any issues occur in getting a 30-day TruFOS Certificate, Brocade TAC Team can assist.
(No extra data is required to be saved before replacing the switch, for any issue, a Brocade SR must be opened for the Brocade TAC to assist.)

Is Switch Status affected by the TruFOS Certificate?
Yes, a switch operating with FOS v9.0.x that has an expired TruFOS Certificate has its Switch Status degraded to marginal.
With FOS v9.1.0 and later, the Switch Status is not degraded due to the expiration or lack of a TruFOS Certificate.
A Gen 6 switch that is upgraded to FOS v9.0.0 or later and does not have a TruFOS Certificate installed will not have its Switch Status affected in any way.