Connecting to a Server through NAE and KMIP Session in a Single configuration
NAE and KMIP can be configured in a single properties file. To configure, set NAE_IP, NAE_Port, KMIP_IP, and
KMIP_Port in the same configuration. Rest of the configuration can be set according to the requirements.
How it Works
Remote Mode
-
NAE and KMIP with TCP protocol:
-
KMIP session throws an error.
-
NAE operations works seamlessly.
-
-
NAE and KMIP with SSL protocol:
- Both NAE and KMIP operations work seamlessly.
Local Mode
-
NAE and KMIP with TCP protocol:
-
Symmetric and Asymmetric Key cache Enabled configuration as
tcp_ok.-
KMIP session throws an error.
-
NAE works seamlessly and key is stored in cache.
-
-
-
NAE and KMIP with SSL protocol:
-
Symmetric and Asymmetric Key cache Enabled configuration as yes
-
NAE operations work seamlessly and key is stored in cache.
-
KMIP user authenticated session will throw an error for crypto operations.
-
KMIP global session will work for crypto operations.
-
-
Symmetric and Asymmetric Key cache Enabled configuration as tcp_ok
-
NAE operations will work seamlessly and key will be stored in cache.
-
KMIP user authenticated session will throw an error for crypto operations.
-
KMIP global session will work for crypto operations.
-
-
Symmetric Key cache Enabled configuration as
kmip_yes-
NAE operations work seamlessly. NAE will export key from the CipherTrust Manager and store key in cache using KMIP Get.
-
KMIP operations work seamlessly.
-
-
Asymmetric Key cache Enabled configuration as
kmip_ yes-
NAE operations work seamlessly. NAE will not export key from the CipherTrust Manager and it will fall back to remote mode.
-
KMIP operations work seamlessly.
-
-
