Dell PowerVault TL4000 Dell PowerVault ML6000 Encryption Key Manager User's - Page 39
Generating Keys and Aliases for Encryption on LTO 4 and LTO 5, How to Identify the EKM SSL Port - default password
View all Dell PowerVault TL4000 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 39 highlights
How to Identify the EKM SSL Port 1. Start the Encryption Key Manager server using the command line. v On Windows, navigate to cd c:\ekm and click startServer.bat v On Linux platforms, navigate to /var/ekm and enter startServer.sh v See "Starting, Refreshing, and Stopping the Key Manager Server" on page 5-1 for more information. 2. Start the CLI client using the command line. v On Windows, navigate to cd c:\ekm and click startClient.bat v On Linux platforms, navigate to /var/ekm and enter startClient.sh v See "The Command Line Interface Client" on page 5-5 for more information. 3. Login to a CLI client on the Encryption Key Manager server using the following command: login -ekmuser userID -ekmpassword password where userID = EKMAdmin and password = changeME (This is the default Password. If you previously changed the default password use your new password.) Once login is successful User successfully logged in is displayed. 4. Identify the SSL port by entering the following command: status The displayed response should be similar to this: server is running. TCP port: 3801, SSL port: 443. Make a note of the SSL configured port and ensure it is the port used to configure your library-managed encryption settings. 5. Logout from the command line. Enter the following command: exit Close the command window. | Generating Keys and Aliases for Encryption on LTO 4 and LTO 5 The Dell Encryption Key Manager Server GUI is the easiest way to generate symmetric encryption keys (see "Using the GUI to Create a Configuration File, Keystore, and Certificates" on page 3-5). You can also use the Keytool utility to generate symmetric encryption keys. Keytool is especially useful for importing and exporting keys between different keystores. See "Importing Data Keys Using Keytool -importseckey " on page 3-12 and "Exporting Data Keys Using Keytool -exportseckey " on page 3-12 for details. Keytool is a utility for managing keys, certificates, and aliases. It enables you to generate, import, and export your encryption data keys and store them in a keystore. Each data key in the keystore is accessed through a unique alias. An alias is a string of characters, such as 123456tape. In JCEKS keystores, 123456Tape would be equivalent to 123456tape and allow access to the same entry in the keystore. When you use the keytool -genseckey command to generate a data key, you specify a corresponding alias in the same command. The alias enables you to identify the correct key, in the correct key group and keystore, for use in writing and reading | encrypted data on LTO 4 and LTO 5 tape. Chapter 3. Installing the Encryption Key Manager and Keystores 3-9