HP Enterprise Secure Key Manager manual Connectivity test, MSL6480

Page 23

4 Verifying that the encryption key server integration is working

HP recommends verifying that the encryption process is working before placing the autoloader or library into a production environment. This is often called an end-to-end verification test. The following steps describe how an end-to-end verification test can be conducted.

Connectivity test: Verifies that the autoloader or library can connect with each of the configured key servers. See “Connectivity test” (page 23).

Basic encryption test: Verifies encryption is working on partitions configured for encryption. See “Basic encryption test” (page 25).

Failover test: Verifies keys can be retrieved from another server if the server currently in use becomes unavailable. See “Failover test” (page 25).

Some of the steps occur on the key server and HP cannot provide specific details for non-HP key servers. For the SafeNet KMIP server, log files can be found on the SafeNet Device > Log Viewer

>System screen. See your server vendor documentation for specific instructions and additional information.

Connectivity test

The autoloader and library RMIs provide a connectivity test.

MSL6480

The ESKM connectivity check is on the ESKM Tier Selection screen of the ESKM wizard. To start the wizard, click ESKM Wizard in the Encryption menu.

The KMIP connectivity check is on the KMIP Server Configuration screen of the KMIP wizard. To start the wizard, click KMIP Wizard in the Encryption menu.

Connectivity test 23

Page 22 Page 24
Image 23
Page 22 Page 24
Contents Abstract Warranty Contents HP Enterprise Secure Key Manager Eskm Using an encryption key serverIntroduction KMIP-based key servers Considerations for using an encryption key serverMedia compatibility for drives supporting encryption LicensingMSL6480 Installing the encryption licenseHP Enterprise Secure Key Manager Eskm integration Using the Eskm WizardHP Enterprise Secure Key Manager Eskm integration Page HP Enterprise Secure Key Manager Eskm integration Page KMIP-based key server integration Creating the client user name and password on the serverConfiguring the Kmip feature for the MSL6480 Using the Kmip Wizard Configuring the Kmip feature for the MSL6480 KMIP-based key server integration Enrolling the autoloader or library with a Kmip server Set or enter the Kmip security passwordGenerating the client certificate request Entering the Kmip client credentialsSigning the client certificate on the server Installing the signed client certificate---END Certificate Enabling KMIP-based encryption Configuring access to the key serversKMIP-based key server integration MSL6480 Connectivity testAutoloader and other MSL libraries Failover test Basic encryption testPage Typographic conventions Support and other resourcesContacting HP Documentation feedback
Top Page Image Contents