Creating the cluster, Copying the local ca certificate, Adding skm appliances to the cluster – HP Secure Key Manager User Manual

Page 38

Advertising
background image

In

Creating the cluster

, the cluster is created on one SKM appliance.

Skip this section if you already have an SKM cluster.

In

Copying the Local CA certificate

, the Local CA certificate from an existing cluster member is

copied into the copy buffer in preparation for pasting it into the management console of each of

the SKM appliances that will be added to the cluster in

Adding SKM appliances to the cluster

.

Start here if you are replacing an SKM or expanding an existing cluster. When replacing an

appliance or expanding the cluster, any of the existing cluster members may be used to transfer

the cluster configuration.

In

Adding SKM appliances to the cluster

, each of the additional SKM appliances will be added

to the cluster.

Start here if you already have a cluster and the Local CA certificate from

Copying the Local CA

certificate

is still available in your copy buffer.

If you only have one SKM appliance, skip

Establishing a cluster

and continue with

Propagating

third-party certificates

.

Creating the cluster

To create the cluster, perform the following steps on one of the SKM appliances to be clustered:

1.

From the SKM management console, click the Device tab.

2.

In the Device Configuration menu, click Cluster.

3.

Type the cluster password in the Create Cluster section of the main window to create the new cluster.

4.

If required, change the Local Port. HP recommends using the default value of 9001.

5.

Click the Create button.

6.

In the Cluster Settings section of the window, click Download Cluster Key and save the key to a

convenient location, such as your computer’s desktop.
The cluster key is a text file and is only required temporarily. It may be deleted from your computer’s

desktop after all SKM appliances have been added to the cluster.

Copying the Local CA certificate

Before an SKM appliance can be added to a cluster, the Local CA certificate from an SKM already in the

cluster must be installed onto the new SKM appliance.
To copy the Local CA certificate:

1.

If you do not have a browser window open from

Creating the cluster

, log into the SKM management

console of one of the existing cluster members.

2.

Click the Security tab.

3.

In the Certificates & CAs menu, click Local CAs.

4.

Click on the name of the local CA from the Local Certificate Authority List section of the screen. This

is the name of the CA created in

Setting up the local Certificate Authority (CA)

, steps 3 — 4. For

example, SKM Local CA.

38

Configuring the system

Advertising
Popular Brands
Popular manuals