Key management services configuration sections, Kms server settings, 100 viewing the kms server settings section – HP Secure Key Manager User Manual

When the client requests that the server generate a new key, it can specify that the key should be

exportable and/or deletable. An exportable key is a key that a client can export from the server. Once a

key is generated as exportable, it can be exported only by the owner and any members of a group with

the “Export” permission for that key.
A deletable key is a key that the client can delete from the server. Once a key is generated as deletable,

only the owner of the key can delete the key.

IMPORTANT:

Administrators with Keys and Authorization Policies access control can delete any key regardless

of whether it is marked as deletable.

Clients that do not authenticate can only see global keys, which are accessible to all users. Likewise,

any keys that the client generates during an unauthenticated connection are global keys. If a global key

is marked as exportable or deletable during generation, then all users have permission to export or

delete that key.

Key Management Services Configuration sections

The Key Management Services Configuration page enables you to configure the KMS Server, KMS

Server Authentication Settings, and the user account lockout settings. This page contains the following

KMS Server-related sections:

• KMS Server Settings
• KMS Server Authentication Settings
• User Account Lockout Settings

KMS Server Settings

Use the KMS Server Settings section to set up the basic KMS Server settings.

Figure 100 Viewing the KMS Server Settings section

The following table describes the components of the KMS Server Settings section.

Secure Key Manager

169