HP Brocade 8/12c Fabric OS Encryption Administrator's Guide - Page 52
Creating an SKM or ESKM High Availability cluster, KMS Server Settings, Use SSL
View all HP Brocade 8/12c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 52 highlights
2 Steps for connecting to an SKM or ESKM appliance FIGURE 17 SKM Key Management Services Configuration window 3. In the KMS Server Settings section of the window, select the following check boxes: • Use SSL • Allow Key and Policy Configuration Operations • Allow Key Export 4. Click Edit. A warning message might display explaining that if you disable SSL, you must have TLS enabled for your web browser. 5. Configure the KMS Server Settings. Ensure that the port and connection timeout settings are 9000 and 3600, respectively. For Server Certificate, select the name of the certificate you created in "Creating and installing the SKM or ESKM server certificate" on page 30. 6. Click Save. Creating an SKM or ESKM High Availability cluster The HP SKM/ESKM key vault supports clustering of HP SKM/ESKM appliances for high availability. If two SKM/ESKM key vaults are configured, they must be clustered. If only a single SKM/ESKM appliance is configured, it may be clustered for backup purposes, but the backup appliance will not be directly used by the switch. The procedures in this section will establish a cluster configuration on one SKM/ESKM appliance and then transfer that configuration to the remaining appliances. • Create the cluster on one SKM/ESKM appliance that is to be a member of the cluster. • Copy the local CA certificate from the first SKM/ESKM appliance or an existing cluster member. • Paste the local CA certificate it into the management console for each of the SKM/ESKM appliances added to the cluster. 32 Fabric OS Encryption Administrator's Guide 53-1002159-03