HP Secure Encryption manual Creating a Master Key

Page 24

Creating a Master Key

The steps below outline how to create a key in the HP ESKM. The HP ESKM does not differentiate between key types such as Master Encryption Key or Drive Encryption Key. If creating a Master Encryption Key, HP recommends applying a specific Master Encryption Key naming convention to distinguish the Master Key from all other keys created in the HP ESKM.

To create a key:

1.Log in to the HP ESKM ("Logging in to the HP ESKM" on page 18).

2.Click the Security tab.

3.From the left side panel, expand the Keys menu, and then click Create Keys.

The following screen appears.

Configuration 24

Page 23 Page 25
Image 24
Page 23 Page 25
Contents HP Secure Encryption Installation and User Guide Page Contents Support and other resources Overview About HP Secure EncryptionEncryption features BenefitsFeature Description Eskm Solution components HP Smart Storage AdministratorHP ProLiant servers HP Smart Array Controller HP SmartCacheHP iLO Minimum requirementsHP Enterprise Secure Key Manager 3.1 and later HP Eskm and key managementLicensing Encryption setup guidelines Recommended security settings at remote sitesEncrypted backups PlanningSecurity domains Deployment scenariosRemote and local key management requirements Configuration Local key management modeConfiguring the controller local mode Configuration Remote Key Management Mode Configuring Remote Key Management ModeConfiguring the HP Eskm Logging in to the HP EskmAdding a user Configuration Adding a group Assigning a user to a group Configuration Configuration Creating a Master Key Placing a key in a group Running a key queryConfiguration Assigning a key to a group Configuring HP iLO Connecting HP iLO to HP Eskm Configuration Configuring the controller remote mode Configuration Accessing Encryption Manager OperationsOpening Encryption Manager Logging into Encryption ManagerManaging passwords Set or change the Crypto Officer passwordSet or change the password recovery question Set or change user account passwordSet or change the controller password Suspending the controller password Resuming the controller password Working with keys Changing the Master Encryption KeyRekeying the Drive Encryption Keys Creating a plaintext volume Rescanning keysOperations Operations Converting plaintext volumes into encrypted volumes Changing key management modes Enabling/disabling plaintext volumes Enabling/disabling the firmware lock Enabling/disabling local key cache Importing drive sets in Local Key Management Mode Importing drives with different Master KeysOperations Maintenance ControllersDrives Flashing firmwareReplacing a physical drive Encryption ManagerGroups Locating groups associated with a driveQuery by drive serial number Maintenance Query by previous server name Maintenance Displaying log information Running queries Maintenance Maintenance Maintenance Troubleshooting Common issuesLost or forgotten Crypto Officer password Lost or forgotten controller passwordLocal mode Remote modeLocating the key using the HP Eskm Lost or forgotten Master KeyLocating the key using iLO Forgotten which Master key goes with which drive Logical drives remain offline Master key not exportingTesting the connection between HP iLO and the HP Eskm Potential errors encountered Error Description Action Clearing the encryption configuration Support and other resources Before you contact HPHP contact information Appendix Encryption algorithmsGlossary ILO Local Master Encryption KeyMaster Encryption Key PlaintextVolume encryption key Remote Key ManagerDocumentation feedback Index EskmIndex
Top Page Image Contents