Please Note:

CT-VL with Multiple Key Managers

This section describes the CT-VL operation mode (round-robin or failover) with multiple key managers.

CT-VL with the CipherTrust Manager uses the round-robin operation mode. Specify the multiple IP addresses of the CipherTrust Manager servers to perform the internal round-robin load balancing. For more information on setting up CT-VL with multiple CipherTrust Manager, see Register the CT-VL VM with CipherTrust Manager (CM)

CT-VL supports an interactive setup to establish connection with multiple CipherTrust Manager. Use the icapi setup command to initiate the interactive setup.

Example

    icapi setup
    Press Enter to accept current setting.
    Current NAE_IPs: ['x.x.x.x']
    Keysecure hostname or IP [enter to quit]: x.x.x.x
    Keysecure hostname or IP [enter to quit]: x.x.x.x
    Keysecure hostname or IP [enter to quit]:
    Keysecure port [9000]:
    Username [admin]: admin
    password:
    retype password:
    Protocol <tcp/ssl> [ssl]:
    NAE_IP:              [ip1, ip2]
    NAE_Port:            9000
    KEYSTORE_USER:       admin
    Protocol:            ssl
    Do you wish to update ICAPI configuration? <y/n> [N] y
    ICAPI properties updated

Output

    icapi show --properties
    Client_Cert_Authentication     yes
    KEYSTORE_PASSWORD              ********
    KEYSTORE_USER                  admin
    NAE_IP                         [ip1, ip2]
    NAE_Port                       9000
    Protocol                       ssl
    Version                        3.1

Alternatively, use the icapi set command to provide all the information in a single command.

Example

    icapi set --IP ip1 ip2 ip3 --port 9000 --user admin --password <password> ICAPI properties updated

Suggest A Change

CT-VL with Multiple Key Managers

On this page