HP Enterprise Secure Key Manager manual Set or enter the Kmip security password

Page 17

Configuring the KMIP feature for the 1/8 G2 Tape Autoloader and other MSL Tape Libraries

The EBS Matrix lists the compatible KMIP server models, the server vendors, and links to primary documents those vendors provide.

Table 3 Enrolling the autoloader or library with a KMIP server

 

 

Primary documents providing

Step

Description of task

more detail

1Install and configure the key servers. Server vendor’s product documentation

2

Create a local CA and server

Server vendor’s product

 

certificate on the key server.

documentation

3

Set up a new client user account for

“Creating the client user name

 

the autoloader or library.

and password on the server”

 

 

(page 12)

Comment

Collect the IP address of each server.

Collect the filename of the CA certificate (a file with a crt extension).

Collect the account username and the account password.

4

Install the library license.

5Set or enter the KMIP security password in the RMI.

6Enter the KMIP Client Credentials in the RMI.

7Generate the autoloader or library client certificate.

8Sign the client certificate.

9Install the signed client certificate in the RMI.

If using ESKM 4.0, also copy the signed certificate to the ESKM 4.0 client.

10Configure the accessible key servers for the autoloader or library.

11Enable KMIP-based encryption for the autoloader or library.

12Verify that the KMIP encryption feature is working.

“Licensing” (page 5)

“Set or enter the KMIP security password” (page 17)

“Entering the KMIP client credentials” (page 18)

“Generating the client certificate request” (page 18)

“Signing the client certificate on the server” (page 19)

“Installing the signed client certificate” (page 19)

“Configuring access to the key servers” (page 21)

“Enabling KMIP-based encryption” (page 21)

“Verifying that the encryption key server integration is working” (page 23)

The user name will also be used to generate the client certificate.

Enter the IP addresses from step 1.

NOTE: HP supplies the ESKM server but does not supply other KMIP servers. If you are not familiar with configuring KMIP servers, please contact your KMIP server vendor.

Set or enter the KMIP security password

In the RMI Configuration: Security page, enter the KMIP security password, which is required for modifying the KMIP configuration.

Configuring the KMIP feature for the 1/8 G2 Tape Autoloader and other MSL Tape Libraries 17

Page 16 Page 18
Image 17
Page 16 Page 18
Contents Abstract Warranty Contents HP Enterprise Secure Key Manager Eskm Using an encryption key serverIntroduction Media compatibility for drives supporting encryption Considerations for using an encryption key serverLicensing KMIP-based key serversMSL6480 Installing the encryption licenseHP Enterprise Secure Key Manager Eskm integration Using the Eskm WizardHP Enterprise Secure Key Manager Eskm integration Page HP Enterprise Secure Key Manager Eskm integration Page KMIP-based key server integration Creating the client user name and password on the serverConfiguring the Kmip feature for the MSL6480 Using the Kmip Wizard Configuring the Kmip feature for the MSL6480 KMIP-based key server integration Enrolling the autoloader or library with a Kmip server Set or enter the Kmip security passwordGenerating the client certificate request Entering the Kmip client credentialsSigning the client certificate on the server Installing the signed client certificate---END Certificate Enabling KMIP-based encryption Configuring access to the key serversKMIP-based key server integration MSL6480 Connectivity testAutoloader and other MSL libraries Failover test Basic encryption testPage Typographic conventions Support and other resourcesContacting HP Documentation feedback
Top Page Image Contents