Your suggested change has been received. Thank you.

Administration
Release Notes

All

All

Alternative Deployments

Installing CT-VL on Azure Stack Hub

Please Note:

Administration
Quick Start
Alternative Deployments
- CT-VL Deployment Prerequisites
- Installing CT-VL as a Virtual Machine on VMware vSphere
- Installing CT-VL on Bare Metal
- Installing CT-VL on AWS Cloud
- Installing CT-VL on Azure Cloud
- Installing CT-VL on Azure Stack Hub
- Installing CT-VL on Hyper-V
- Installing CT-VL on KVM
- Installing CT-VL on Google Cloud Platform
- Installing CT-VL on Alibaba Cloud
- Running CT-VL on Oracle Cloud Infrastructure
Tasks
- Configuring CT-VL through the Command Line
- Registering CT-VL VM with CipherTrust Manager
- Configuring CT-VL Nodes
- Configuring an AD/LDAP Server
- Configuring ADFS and LDAP for OAuth
- Configuring LDAP Settings.ini File
- Working with CT-VL GUI
- Dashboard API Monitoring
- Administrator History Logs
- Backing Up and Restoring CT-VL
- Migrating from CT-VL Lower Versions to 2.9.0
- Monitoring Through SNMP
Examples
- Cryptographic Operation Examples
- Key Management Examples
- Versioned Key Management Examples
- Tokenization Examples
Advanced Topics
- CT-VL CLI Reference
- CT-VL Services
- CT-VL Key Cache
- Key Types and Input Sizes
- Creating Static and Dynamic Keys
- Tokenization Groups, Templates, and Masks
- Understanding CT-VL Authentication and Authorization
- CT-VL CLI Navigation Summary and Guidelines
- Tokenization Setup Workflow in CT-VL GUI
- CT-VL Tokenization REST APIs
- CT-VL Cryptographic REST APIs
- CT-VL Admin REST APIs
- CT-VL with Multiple Key Managers
Troubleshooting

CT-VL
Administration
Alternative Deployments
Installing CT-VL on Azure Stack Hub

Installing CT-VL on Azure Stack Hub

Note

To obtain the CT-VL image for Azure Stack Hub, download the CT-VL VHD image from Thales Customer Support Portal.

Prerequisites to Install CT-VL on Azure Stack Hub

A virtual machine and a subnet.
Minimum recommended settings for a CT-VL VM: 4 CPUs, 16GB memory.

Note

The network security group defines the firewall rules of the CT-VL virtual machine. At a minimum, incoming ports must allow port 22 (SSH) and port 443 (HTTPS).
If your cluster nodes are located in different resource groups, you also need to add port 5432 to the allowed incoming ports. However, if all your cluster nodes are in the same resource group, do not add port 5432, because nodes inside a resource group do not need any firewall permissions to communicate with one another.

Create the Azure VM

Log in to Azure Stack Hub.
Upload the CT-VL VHD image into the Azure Stack Hub storage container. The CT-VL VHD image is of dynamic format. To upload a VHD image to Azure Stack Hub, the VHD image must be in fixed format. Convert the VHD image to fixed format before uploading to the Azure Stack Hub storage container. If you use the 'azure-vhd-utils' tool, you can use the dynamic VHD image to upload and it will convert automatically to fixed format when it saves to the Azure Stack Hub.
Navigate to Virtual Machines menu. Supply the following information to create a virtual machine:
- VM name: name of the VM you want to use, for example, my-CT-VL-2.6.0-azure-vm.
- VM disk type: SSD or HDD.
- User name: Not required by CT-VL, but Azure needs this data to create a VM. This user name entry is not retained by CT-VL and is not used as a CT-VL credential.
- Authentication type: Also not required by CT-VL, but required for Azure to create a VM. This authentication type entry is not retained by CT-VL and does affect the CT-VL configuration.
- Resource group: You may create a new resource group or use an existing one. If you plan to create a cluster of CT-VL machines, it is recommended that all cluster nodes use the same resource group, so that they can communicate with one another without having to use a public static IP address or enable an incoming port in the firewall.
- Location: For example, “West-US”.
- Subnet and subnet address range:
- Static or dynamic public IP address: Use a static IP address if you expect your cluster to span multiple resource groups.

Configuration Notes

To begin configuration, ssh into the instance as the cliadmin user using the public IP address, and follow the steps in Configuring the CT-VL System.

Note that on Azure, you will not configure the CT-VL network settings. Azure automatically configures these parameters for the CT-VL VM:

Internal and subnet IP addresses are provided to the VM through DHCP.
For CT-VL clusters, create an instance for each node in the cluster. Then configure each node separately, and join the nodes in a cluster.
When creating or joining a cluster, if you have all the cluster nodes in the resource group, you must use the same internal or subnet IP address used by the VM.
When adding a node to the cluster, you must always use the internal or subnet IP address of the new CT-VL VM node.

On this page

Prerequisites to Install CT-VL on Azure Stack Hub
Create the Azure VM
Configuration Notes

CT-VL

© Copyright 2019-2025, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Support Contacts
- Text Conventions
Legal

© Copyright 2019-2025, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

Print

Suggest An Edit

Download this Page

Download Project

Copy Link

Copy Link

Copy Link