Your suggested change has been received. Thank you.

User Guide
Release Notes
API Reference

All

All
CipherTrust Manager
CipherTrust Application Data Protection (CADP)
CipherTrust Application Key Management (CAKM)
CipherTrust Batch Data Transformation (BDT)
CipherTrust Cloud Key Management (CCKM)
CipherTrust Data Discovery and Classification (DDC)
CipherTrust Data Protection Gateway (DPG)
CipherTrust Database Protection (CDP)
CipherTrust Intelligent Protection (CIP)
CipherTrust Integrations
CipherTrust Migrations
CipherTrust RESTful Data Protection (CRDP)
CipherTrust Transparent Encryption (CTE)
CipherTrust Transparent Encryption Userspace (CTE-U)
CipherTrust Secrets Management (CSM)
CipherTrust Vaulted Tokenization (CT-V)
CipherTrust Vaultless Tokenization (CT-VL)
CTE-Linux
CTE-Windows
CTE-AIX
CTE-K8s
CTE-U
Crypto Command Center
Data Protection on Demand
Luna Cloud HSM
Luna Network HSM
Luna PCIe HSM
Luna USB HSM
OneWelcome Identity Platform
ProtectApp LUKS
ProtectServer 2 HSM
ProtectServer 3 HSM
SafeNet Trusted Access (STA)
SafeNet MobilePASS+
SafeNet MobilePASS+ for Android
SafeNet MobilePASS+ for Chrome
SafeNet MobilePASS+ for macOS
SafeNet MobilePASS+ for iOS
SafeNet MobilePASS+ for WatchOS
SafeNet MobilePASS+ for Windows
SafeNet Synchronization Agent
SafeNet Logging Agent
SafeNet Agent for FreeRADIUS
SafeNet Agent for NPS
SafeNet Agent for Windows Logon
SafeNet Authentication Service Private Cloud Edition (SAS PCE)
SafeNet Remote Logging Agent
SafeNet Keycloak Agent
SafeNet IDPrime Virtual (IDPV)
SafeNet FIDO Key Manager
SafeNet FIDO Key Manager for Android
SafeNet FIDO Key Manager for iOS
SafeNet FIDO Key Manager for Windows

Tasks for CAPI

Connecting to a Server through NAE and KMIP Session in a Single configuration

Please Note:

User Guide
Quick Start
- Installation
  - Installing CADP for C on Linux
  - Installing CADP for C on Windows
  - Client Certificate Renewal in Linux/Windows
- Installed Directories
  - Installed Directory on Linux
  - Installed Directory on Windows
Tasks
- Tasks for CAPI
  - Setting up SSL/TLS on CipherTrust Manager and CADP for C
  - Create an NAE Session
  - Configuring CADP for C CAPI Properties File
  - Connecting to a Server through Single Properties File
  - Connecting to a Server through Multiple Properties File
  - Connecting to a Server through NAE and KMIP Session in a Single configuration
  - Adding CipherTrust Manager Servers
  - Adding Syslog Server
  - Enabling Connection Pooling
  - Securing Passphrase
  - Enabling Asymmetric Key Caching
  - Enabling Symmetric Key Caching
  - Setting Logging Parameters
  - Working with Certificates
    - Importing a Certificate
    - Exporting a Certificate
    - Creating a CA Chain using OpenSSL and Uploading on the CipherTrust Manager
    - Exporting a CA Chain
    - Deleting a Certificate
    - Creating a Certificate Signing Request
    - Signing a CSR with an existing local certificate authority
  - NAE Key Management Operations
    - Creating versioned key
    - Creating a new version of a key
    - Destroying versioned key
    - Creating a CipherSpec for a versioned key
    - Exporting a public versioned key
    - Exporting a symmetric versioned key
    - Getting key attributes of a versioned key
    - Modifying the state of a versioned key
    - Calculating the size of ciphertext created by versioned keys
    - Calculating the size of the ciphertext header for a versioned key
    - Deleting the EVP context created using I_C_Crypt_Fast
    - Deriving AES/HMAC symmetric key from any AES/HMAC symmetric key
    - Wrapping AES Key
    - Search key names by multiple attributes
- Tasks for PKCS#11
  - Configuring CADP for C PKCS11 Properties File
  - Configuring Registry Editor on Windows for CADP for C PKCS11
  - Initializing CADP PKCS#11 Library
  - Adding CipherTrust Manager Servers
  - Creating a Key
  - Enabling Connection Pooling
  - Enabling Symmetric Key Caching
  - Enabling Asymmetric Key Caching
  - Setting Logging Parameters
  - Securing Passphrase
  - Migrating VAE to CADP for C
- Modifying the CADP for C Basic Configuration File
Advanced Topics
- Configuration
  - Logging Parameters
  - Network Configuration Parameters
  - Connection Configuration Parameters
  - Caching Parameters
  - SSL Configuration Parameters
  - Miscellaneous Parameters
- Symmetric/Asymmetric Caching
  - Symmetric/Asymmetric Caching, CADP for C CAPI
  - Symmetric/Asymmetric Caching, CADP for C PKCS#11
- Connection Pooling
- Load Balancing Group
- Multi-tier Load Balancing Group
- Persistent Key Caching
- Key Management, CADP for C PKCS#11
- Supported Cryptographic Operations
  - Supported Cryptographic Operations for CAPI
  - Supported Cryptographic Operations for PKCS#11
- Format Preserving Encryption for CAPI
- Format Preserving Encryption for PKCS#11
- KMIP Key Management in C
- Utilities
  - CryptoDataUtility
  - SelfSignedCertificate
  - RSAEncryptionUtility
- Pkcs11Interop Library for .Net Core
- Upgrade
  - Upgrade from CADP CAPI to CADP for C
  - Recompiling with CADP for C Library
  - For Already Existing CAPI Sample Executables
  - Upgrade from VAE to CADP for C
- Uninstall

CADP for C
User Guide
Tasks
Tasks for CAPI
Connecting to a Server through NAE and KMIP Session in a Single configuration

Connecting to a Server through NAE and KMIP Session in a Single configuration

NAE and KMIP can be configured in a single properties file. To configure, set NAE_IP, NAE_Port, KMIP_IP, and KMIP_Port in the same configuration. Rest of the configuration can be set according to the requirements.

How it Works

Remote Mode

NAE and KMIP with TCP protocol:
- KMIP session throws an error.
- NAE operations works seamlessly.
NAE and KMIP with SSL protocol:
- Both NAE and KMIP operations work seamlessly.

Local Mode

NAE and KMIP with TCP protocol:
- Symmetric and Asymmetric Key cache Enabled configuration as tcp_ok.
  - KMIP session throws an error.
  - NAE works seamlessly and key is stored in cache.
NAE and KMIP with SSL protocol:
- Symmetric and Asymmetric Key cache Enabled configuration as yes
  - NAE operations work seamlessly and key is stored in cache.
  - KMIP user authenticated session will throw an error for crypto operations.
  - KMIP global session will work for crypto operations.
- Symmetric and Asymmetric Key cache Enabled configuration as tcp_ok
  - NAE operations will work seamlessly and key will be stored in cache.
  - KMIP user authenticated session will throw an error for crypto operations.
  - KMIP global session will work for crypto operations.
- Symmetric Key cache Enabled configuration as kmip_yes
  - NAE operations work seamlessly. NAE will export key from the CipherTrust Manager and store key in cache using KMIP Get.
  - KMIP operations work seamlessly.
- Asymmetric Key cache Enabled configuration as kmip_ yes
  - NAE operations work seamlessly. NAE will not export key from the CipherTrust Manager and it will fall back to remote mode.
  - KMIP operations work seamlessly.

On this page

How it Works

CADP for C

© Copyright 2019-2025, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Support Contacts
- Text Conventions
Legal

© Copyright 2019-2025, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

Print

Suggest An Edit

Download this Page

Download Project

Copy Link

Copy Link

Copy Link