Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

back

Install Virtual CipherTrust Manager

Alibaba Cloud Deployment

search

Please Note:

Alibaba Cloud Deployment

You can deploy a CipherTrust Manager instance in the Alibaba Cloud.

Minimum Requirements

To deploy a CipherTrust Manager instance, the following minimum requirements apply:

  • System volume: 50 GB for evaluation, 100 GB for production

  • Memory: 16 GB

  • vCPUs: 2

  • NICs: 1

These minimum system requirements are for a system with light to moderate load. For applications that heavily load the system, additional memory and CPU allocation are required. The system volume holds all data as well as backups.

Deploying in Alibaba Cloud

Prerequisites

  • CipherTrust Manager Image for Alibaba Cloud.

  • If using a Windows client, use PuTTY or similar utility to SSH to your CipherTrust Manager instance as KeySecure Administrator (ksadmin).

    If needed, use PuTTYgen or similar utility to format the SSH Key Pair.

  • If using a Linux client use SSH to login as KeySecure Administrator (ksadmin).

To Launch a CipherTrust Manager instance

Steps for deploying a CipherTrust Manager instance in the Alibaba Cloud:

  1. Log in to Alibaba Cloud.

  2. Click the Menu (click menu) icon on the top left corner, then select Elastic Compute Service from the left navigation pane.

  3. Click Create Instance.
    The ECS Custom Launch page is displayed.

  4. In the Basic Configurations section, specify/select the following settings:

    a. Select the desired Billing Method.

    To learn more about Billing Methods, click here.

    b. Select Region in which the instance is to be launched.

    c. In Instance Type, choose Architecture and Category as required.

    d. In Image, select Custom Image. Select the CipherTrust Manager custom image from the drop-down list.

    e. In Storage, specify disk capacity to minimum 100 GB.

  5. In the Networking section, specify/select the following settings:

    a. In Network Type, select VPC.

    To learn more about VPC, click here.

    b. In Public IP Address, select/clear the Assign Public IPv4 Address checkbox.

    If you select the checkbox, it makes this instance accessible through Internet. Otherwise, this instance is accessible through private network only.

    c. It is recommended to use a Security Group to monitor/control the network traffic.

    To learn more about Security Group, click here.

    d. Add Elastic Network Interface.

    To learn more about Elastic Network Interface, click here.

  6. In the System Configurations section, specify/select the following settings:

    a. In Logon Credentials, select Key Pair. Key pair can be auto generated or you can import the public key.

    To learn more about Key Pair Credentials, click here.

    b. Provide Instance Name.

    c. In Advanced Settings, provide User Data or cloud init scripts.

    To learn more about User Data, click here.

  7. In the Preview section, specify/select the following settings:

    a. Select the Automatic Release checkbox, if required, when Pay-As-You-Go billing method is opted.

    b. Select the ECS Terms of Service and Product Terms of Service checkbox.

    c. Click Create Instance.

    The Alibaba Cloud Instance will be created. Use its public/private IP to access the CipherTrust Manager.

  8. Browse to this IP address (in this example enter https://147.139.41.245). The Log In screen appears.

    CipherTrust Login Page

  9. Log in using the initial default credentials: Username = admin, Password = admin

    The following notice is displayed:

    Change password warning

    If the default credentials do not work, you may need to retrieve an autogenerated password, as described in changing the initial password.

  10. Enter a new password using this default Password Policy:

    Min length: 8
    Max length: 30
    Min number of upper cases: 1
    Min number of lower cases: 1
    Min number of digits: 1
    Min number of other characters: 1
    

    A new Login screen appears.

  11. Using your new password, log in again. The CipherTrust Manager Web Page appears.

  12. At this point, it's strongly recommended to configure an NTP server.

    1. Navigate to Admin Settings > NTP.

    2. Enter in an NTP Server hostname.

    3. For an authenticated NTP Server, enter in a symmetric key value in the NTP Key field.

    4. Click the +Add NTP Server button.

    See Network Time Protocol Server Configuration for more details.

Virtual CipherTrust Manager launches in Community Edition, with some restrictions on functionality. You can activate a 90 day trial evaluation for full functionality. To activate your instance with a trial evaluation, or a term or perpetual license, see Licensing.