Dell PowerVault TL4000 Dell PowerVault ML6000 Encryption Key Manager User's - Page 103

Appendix B. Encryption Key Manager Configuration Properties Files

Get Dell PowerVault TL4000 PDF manuals and user guides View all Dell PowerVault TL4000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 103 highlights

Appendix B. Encryption Key Manager Configuration Properties Files The Encryption Key Manager requires two configuration property files: one for the Encryption Key Manager server, and one for the CLI client. Each of these files is treated and parsed as a Java.util.Properties load file, which imposes certain restrictions on the format and specification of properties: v Configuration properties are recorded one-per-line. The value(s) for a given property extend to the end of the line. v Property values, such as passwords, that contain spaces need not be enclosed in quotation marks. v Keystore passwords must not be greater than 127 characters in length. v Accidental whitespace at the end of a line may be interpreted as part of a property value. Sample configuration properties files are available for download at http://support.dell.com in the EKMServicesandSamples file. Encryption Key Manager Server Configuration Properties File The following comprises the complete set of properties in the Encryption Key Manager server configuration file (KeyManagerConfig.properties). The order of property settings in the file does not matter. Comments may appear in the file. To add a comment, use a "#" in the first column of a line. Note: Changes made to the KeyManagerConfig.properties file may be lost at shutdown. Therefore, be sure the Encryption Key Manager server is not running before editing configuration properties. To stop the Encryption Key Manager server issue the stopekm command from the CLI client. Your changes are activated when the Encryption Key Manager server is restarted. Admin.ssl.ciphersuites = value Specifies the cipher suites to be used for communication between Encryption Key Manager servers. A cipher suite describes the cryptographic algorithms and handshake protocols Transport Layer Security (TLS) and Secure Sockets Layer (SSL) use for data transfer. Required Optional. Values Possible values are any cipher suites supported by IBMJSSE2. Default JSSE_ALL Admin.ssl.keystore.name = value This is the name of the database of key pairs and certificates used for Secure Socket Layer client operations such as sync commands between Encryption Key Manager Servers. In a sync operation, the certificate that the Secure Sockets client presents to the Secure Sockets server comes from this keystore. Required Optional. Used only with sync command. Defaults to value of config.keystore.file property. B-1

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
Appendix B. Encryption Key Manager Configuration
Properties Files
The Encryption Key Manager requires two configuration property files: one for the
Encryption Key Manager server, and one for the CLI client. Each of these files is
treated and parsed as a Java.util.Properties load file, which imposes certain
restrictions on the format and specification of properties:
v
Configuration properties are recorded one-per-line. The value(s) for a given
property extend to the end of the line.
v
Property values, such as passwords, that contain spaces need not be enclosed in
quotation marks.
v
Keystore passwords must not be greater than 127 characters in length.
v
Accidental whitespace at the end of a line may be interpreted as part of a
property value.
Sample configuration properties files are available for download at
in the EKMServicesandSamples file.
Encryption Key Manager Server Configuration Properties File
The following comprises the complete set of properties in the Encryption Key
Manager server configuration file (KeyManagerConfig.properties). The order of
property settings in the file does not matter. Comments may appear in the file. To
add a comment, use a “#” in the first column of a line.
Note:
Changes made to the KeyManagerConfig.properties file may be lost at
shutdown. Therefore, be sure the Encryption Key Manager server is not
running before editing configuration properties. To stop the Encryption Key
Manager server issue the
stopekm
command from the CLI client. Your
changes are activated when the Encryption Key Manager server is restarted.
Admin.ssl.ciphersuites =
value
Specifies the cipher suites to be used for communication between
Encryption Key Manager servers. A cipher suite describes the
cryptographic algorithms and handshake protocols Transport Layer
Security (TLS) and Secure Sockets Layer (SSL) use for data transfer.
Required
Optional.
Values
Possible values are any cipher suites supported by
IBMJSSE2.
Default
JSSE_ALL
Admin.ssl.keystore.name =
value
This is the name of the database of key pairs and certificates used for
Secure Socket Layer client operations such as
sync
commands between
Encryption Key Manager Servers. In a sync operation, the certificate that
the Secure Sockets client presents to the Secure Sockets server comes from
this keystore.
Required
Optional. Used only with
sync
command. Defaults to value
of
config.keystore.file
property.
B-1