Configuring VMWare VCenter

Prerequisite

Ensure that:

• VCenter is up and running.

• CipherTrust Manager cluster is accessible and in good health. You can check it as admin user from System > Cluster.

  Note

  If this is not the case, you should be notified by an alarm under Keys & Access Management > Alarms

Declare a KMS cluster in VMware

To declare a KMS in VMware:

1. Go to Security > Key Providers > Configure tab.

2. Click ADD STANDARD KEY PROVIDER.

3. Specify the following information in Edit Standard Key Provider window:

   1. Name for the cluster

   2. Host/IP address and port for each KMS node

4. Click EDIT KEY PROVIDER.

5. Under Establish Trust, click Make VCenter Trust KMS.

   A popup window is displayed, click TRUST.

6. click TRUST VCENTER button.

7. From the left sidebar, under Choose a Method, select the KMS certificate and private key option.

8. From the left sidebar, under Upload KMS Credentials, either upload or copy and paste the KMS Certificate and Private Key.

   Note

   KMS Certificate and Private Key is downloaded previously. Refer to the Create a Registered Client section.

9. Click ESTABLISH TRUST.

At this stage, ensure that the setup looks similar to the following image:

Moreover, you can also check the logs in CipherTrust Manager UI under Records tab.