Alibaba Cloud Deployment
You can deploy a CipherTrust Manager instance in the Alibaba Cloud.
Minimum Requirements
To deploy a CipherTrust Manager instance, the following minimum requirements apply:
System volume: 100 GB
Memory: 16 GB
vCPUs: 2
NICs: 1
Note
These minimum system requirements are for a system with light to moderate load. For applications that heavily load the system, additional memory and CPU allocation are required. The system volume holds all data as well as backups.
Deploying in Alibaba Cloud
Prerequisites
CipherTrust Manager Image for Alibaba Cloud.
If using a Windows client, use PuTTY or similar utility to SSH to your CipherTrust Manager instance as KeySecure Administrator (ksadmin).
If needed, use PuTTYgen or similar utility to format the SSH Key Pair.
If using a Linux client use SSH to login as KeySecure Administrator (ksadmin).
To Launch a CipherTrust Manager instance
Steps for deploying a CipherTrust Manager instance in the Alibaba Cloud:
Log in to Alibaba Cloud.
Click the Menu () icon on the top left corner, then select Elastic Compute Service from the left navigation pane.
Click Create Instance.
The ECS Custom Launch page is displayed.In the Basic Configurations section, specify/select the following settings:
a. Select the desired Billing Method.
Note
To learn more about Billing Methods, click here.
b. Select Region in which the instance is to be launched.
c. In Instance Type, choose Architecture and Category as required.
d. In Image, select Custom Image. Select the CipherTrust Manager custom image from the drop-down list.
e. In Storage, specify disk capacity to minimum 100 GB.
In the Networking section, specify/select the following settings:
a. In Network Type, select VPC.
Note
To learn more about VPC, click here.
b. In Public IP Address, select/clear the Assign Public IPv4 Address checkbox.
If you select the checkbox, it makes this instance accessible through Internet. Otherwise, this instance is accessible through private network only.
c. It is recommended to use a Security Group to monitor/control the network traffic.
Note
To learn more about Security Group, click here.
d. Add Elastic Network Interface.
Note
To learn more about Elastic Network Interface, click here.
In the System Configurations section, specify/select the following settings:
a. In Logon Credentials, select Key Pair. Key pair can be auto generated or you can import the public key.
Note
To learn more about Key Pair Credentials, click here.
b. Provide Instance Name.
c. In Advanced Settings, provide User Data or cloud init scripts.
Note
To learn more about User Data, click here.
In the Preview section, specify/select the following settings:
a. Select the Automatic Release checkbox, if required, when Pay-As-You-Go billing method is opted.
b. Select the ECS Terms of Service and Product Terms of Service checkbox.
c. Click Create Instance.
The Alibaba Cloud Instance will be created. Use its public/private IP to access the CipherTrust Manager.
Browse to this IP address (in this example enter https://147.139.41.245). The Log In screen appears.
Log in using the initial default credentials: Username = admin, Password = admin
The following notice is displayed:
Note
If the default credentials do not work, you may need to retrieve an autogenerated password, as described in changing the initial password.
Enter a new password using this default Password Policy:
Min length: 8 Max length: 30 Min number of upper cases: 1 Min number of lower cases: 1 Min number of digits: 1 Min number of other characters: 1
A new Login screen appears.
Using your new password, log in again. The CipherTrust Manager Web Page appears.
At this point, it's strongly recommended to configure an NTP server.
Navigate to Admin Settings > NTP.
Enter in an NTP Server hostname.
For an authenticated NTP Server, enter in a symmetric key value in the NTP Key field.
Click the +Add NTP Server button.
See Network Time Protocol Server Configuration for more details.
Note
Virtual CipherTrust Manager launches in Community Edition, with some restrictions on functionality. You can activate a 90 day trial evaluation for full functionality. To activate your instance with a trial evaluation, or a term or perpetual license, see Licensing.