Your suggested change has been received. Thank you.

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

User Guide
Release Notes
API Reference

All

All

Tasks for CAPI

Connecting to a Server through NAE and KMIP Session in a Single configuration

Please Note:

User Guide
Quick Start
- Installation
  - Installing CADP for C on Linux
  - Installing CADP for C on Windows
  - Client Certificate Renewal in Linux/Windows
- Installed Directories
  - Installed Directory on Linux
  - Installed Directory on Windows
Tasks
- Tasks for CAPI
  - Setting up SSL/TLS on CipherTrust Manager and CADP for C
  - Create an NAE Session
  - Configuring CADP for C CAPI Properties File
  - Connecting to a Server through Single Properties File
  - Connecting to a Server through Multiple Properties File
  - Connecting to a Server through NAE and KMIP Session in a Single configuration
  - Adding CipherTrust Manager Servers
  - Adding Syslog Server
  - Enabling Connection Pooling
  - Securing Passphrase
  - Enabling Asymmetric Key Caching
  - Enabling Symmetric Key Caching
  - Setting Logging Parameters
  - Working with Certificates
    - Importing a Certificate
    - Exporting a Certificate
    - Creating a CA Chain using OpenSSL and Uploading on the CipherTrust Manager
    - Exporting a CA Chain
    - Deleting a Certificate
    - Creating a Certificate Signing Request
    - Signing a CSR with an existing local certificate authority
  - NAE Key Management Operations
    - Creating versioned key
    - Creating a new version of a key
    - Destroying versioned key
    - Creating a CipherSpec for a versioned key
    - Exporting a public versioned key
    - Exporting a symmetric versioned key
    - Getting key attributes of a versioned key
    - Modifying the state of a versioned key
    - Calculating the size of ciphertext created by versioned keys
    - Calculating the size of the ciphertext header for a versioned key
    - Deleting the EVP context created using I_C_Crypt_Fast
    - Deriving AES/HMAC symmetric key from any AES/HMAC symmetric key
    - Wrapping AES Key
    - Search key names by multiple attributes
  - Refresh Cached Keys
- Tasks for PKCS#11
  - Configuring CADP for C PKCS11 Properties File
  - Configuring Registry Editor on Windows for CADP for C PKCS11
  - Initializing CADP PKCS#11 Library
  - Adding CipherTrust Manager Servers
  - Creating a Key
  - Enabling Connection Pooling
  - Enabling Symmetric Key Caching
  - Enabling Asymmetric Key Caching
  - Setting Logging Parameters
  - Migrating VAE to CADP for C
- Modifying the CADP for C Basic Configuration File
Advanced Topics
- Configuration
  - Logging Parameters
  - Network Configuration Parameters
  - Connection Configuration Parameters
  - Caching Parameters
  - SSL Configuration Parameters
  - Miscellaneous Parameters
- Symmetric/Asymmetric Caching
  - Symmetric/Asymmetric Caching, CADP for C CAPI
  - Symmetric/Asymmetric Caching, CADP for C PKCS#11
- Connection Pooling
- Load Balancing Group
- Multi-tier Load Balancing Group
- Persistent Key Caching
- Key Management, CADP for C PKCS#11
- Supported Cryptographic Operations
  - Supported Cryptographic Operations for CAPI
  - Supported Cryptographic Operations for PKCS#11
- Format Preserving Encryption
- Format Preserving Encryption for PKCS#11
- KMIP Key Management in C
- Utilities
  - CryptoDataUtility
  - SelfSignedCertificate
  - RSAEncryptionUtility
- Pkcs11Interop Library for .Net Core
- Upgrade
  - Upgrade from CADP CAPI to CADP for C
  - Recompiling with CADP for C Library
  - For Already Existing CAPI Sample Executables
  - Upgrade from VAE to CADP for C
- Uninstall

CADP for C
User Guide
Tasks
Tasks for CAPI
Connecting to a Server through NAE and KMIP Session in a Single configuration

Connecting to a Server through NAE and KMIP Session in a Single configuration

NAE and KMIP can be configured in a single properties file. To configure, set NAE_IP, NAE_Port, KMIP_IP, and KMIP_Port in the same configuration. Rest of the configuration can be set according to the requirements.

How it Works

Remote Mode

NAE and KMIP with TCP protocol:
- KMIP session throws an error.
- NAE operations works seamlessly.
NAE and KMIP with SSL protocol:
- Both NAE and KMIP operations work seamlessly.

Local Mode

NAE and KMIP with TCP protocol:
- Symmetric and Asymmetric Key cache Enabled configuration as tcp_ok.
  - KMIP session throws an error.
  - NAE works seamlessly and key is stored in cache.
NAE and KMIP with SSL protocol:
- Symmetric and Asymmetric Key cache Enabled configuration as yes
  - NAE operations work seamlessly and key is stored in cache.
  - KMIP user authenticated session will throw an error for crypto operations.
  - KMIP global session will work for crypto operations.
- Symmetric and Asymmetric Key cache Enabled configuration as tcp_ok
  - NAE operations will work seamlessly and key will be stored in cache.
  - KMIP user authenticated session will throw an error for crypto operations.
  - KMIP global session will work for crypto operations.
- Symmetric Key cache Enabled configuration as kmip_yes
  - NAE operations work seamlessly. NAE will export key from the CipherTrust Manager and store key in cache using KMIP Get.
  - KMIP operations work seamlessly.
- Asymmetric Key cache Enabled configuration as kmip_ yes
  - NAE operations work seamlessly. NAE will not export key from the CipherTrust Manager and it will fall back to remote mode.
  - KMIP operations work seamlessly.

On this page

CADP for C

© Copyright 2019-2025, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Support Contacts
- Text Conventions
Legal

© Copyright 2019-2025, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com