HP Enterprise Secure Key Manager Guide de l'utilisateur télécharger pdf (Page 18)

Entering the KMIP client credentials

In the RMI Configuration: Security page, enter the KMIP Client User Name and KMIP Client Password

that the autoloader or library will use to log in to the key server, and then click Submit.

NOTE: This client user name and password must match the username and password on the KMIP

server for this library.

Generating the client certificate request

In the KMIP Certificate Import section of the Configuration: Security page click Generate Certificate

Request. The KMIP Client User Name will be used as the certificate name for the certificate request.

After generating the client certificate, follow the instructions in the server vendor’s documentation

to sign the certificate.

NOTE: If you plan to disable the use the Disable Non-FIPS Algorithms and Key Sizes ESKM feature

verify that the autoloader or library is using a firmware version that generates 2048-bit certificates.

Earlier firmware versions generated 1028-bit certificates, which are not FIPS compliant. The earliest

firmware versions that generate 2048-bit certificates are:

• 1/8 G2 autoloader: 4.30

• MSL2024: 6.20

• MSL4048: 8.70

• MSL8048 and MSL8096: 1130

18 KMIP-based key server integration

1 2 ... 13 14 15 16 17 18 19 20 21 22 23 ... 27 28

Pas de commentaire

HP Enterprise Secure Key Manager Guide de l'utilisateur Page 18