4 Verifying that the encryption key server integration is working

HP recommends verifying that the encryption process is working before placing the autoloader or library into a production environment. This is often called an end-to-end verification test. The following steps describe how an end-to-end verification test can be conducted.

Connectivity test: Verifies that the autoloader or library can connect with each of the configured key servers. See “Connectivity test” (page 23).

Basic encryption test: Verifies encryption is working on partitions configured for encryption. See “Basic encryption test” (page 25).

Failover test: Verifies keys can be retrieved from another server if the server currently in use becomes unavailable. See “Failover test” (page 25).

Some of the steps occur on the key server and HP cannot provide specific details for non-HP key servers. For the SafeNet KMIP server, log files can be found on the SafeNet Device > Log Viewer

>System screen. See your server vendor documentation for specific instructions and additional information.

Connectivity test

The autoloader and library RMIs provide a connectivity test.

MSL6480

The ESKM connectivity check is on the ESKM Tier Selection screen of the ESKM wizard. To start the wizard, click ESKM Wizard in the Encryption menu.

The KMIP connectivity check is on the KMIP Server Configuration screen of the KMIP wizard. To start the wizard, click KMIP Wizard in the Encryption menu.

Connectivity test 23

Page 23
Image 23
HP Enterprise Secure Key Manager manual Connectivity test, MSL6480