Your suggested change has been received. Thank you.

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

CipherTrust Integrations

All

All

IBM DB2

Pre integration steps for CipherTrust Manager

IBM
IBM Security Key Lifecycle Manager (SKLM)
- Installing ProtectApp PKCS#11 Library
- Setting up SSL/TLS
- Setting up Configuration Files
- Setting up Certificates
- Verifying Your Integration
IBM Spectrum Scale
- Pre-Integration
- Integration with CipherTrust Manager
- Verifying Your Integration
- High Availability
- Appendix
IBM FileNet Content Manager
- Integration with CipherTrust Manager
- Verifying Integration
- Appendix
IBM DB2
- Setting up the Environment
- Integration with CipherTrust Manager
- Creating a Local Keystore
- Pre integration steps for CipherTrust Manager
- Adding the CA Cert and Generating the CSR
- Generating the Client Certificate
- Configuring KMIP interface
- Generating Master Encryption Key in the CipherTrust Manager
- Creating an Encrypted Database
- Verifying Your Integration

CipherTrust Integrations
IBM
IBM DB2
Pre integration steps for CipherTrust Manager

Pre integration steps for CipherTrust Manager

Add User

Note

Username should be same as the CN (Common Name) specified while creating the client certificate.

In the CipherTrust Manager UI, go to Access Management -> Users and create a new user.
Select the newly created user, click GROUPS and select the Key Users and Key Admins Group.

Registering a KMIP Client

You can register a KMIP client on the CipherTrust Manager using:

Auto Registration
Manual Registration

Using Auto-Registration

Create a registration token using the following steps:
1. Log on to the CipherTrust Manager.
2. Go to Access Management > Registration Tokens in the sidebar.
3. Click Create New Registration Token.
Copy the Registration Token once it is created.
Turn ON Auto Registration using the following steps:
1. Go to Admin Settings > Interfaces.
2. Click the ellipsis button corresponding to the kmip interface.
3. Click Edit.
4. Under Configure KMIP window, select Auto Registration.
5. Paste the Registration Token.
6. Select the mode as TLS, verify client cert, user name taken from client cert, auth request is optional.
7. Click Update.

Using Manual Registration

Log on to the CipherTrust Manager.
Go to Products > KMIP.
Create Client Profile using the following steps:
1. Go to Client Profile and click Add Profile.
2. Add a Profile Name.
3. Select CN in Username Location in Certificate.
4. Click Certificate Details.
5. Paste the content of client.csr.
6. Click Save.
Create Registration Token using the following steps:
1. Go to Registration Token and click New Registration Token > Begin.
2. Add a Name Prefix.
3. Click Select CA.
4. Select CA type as Local if you are using Local CA or select external if you are using External CA.
5. Select appropriate CA from dropdown menu and click Select Profile.
6. Select the Client Profile from dropdown which you have created in the above step.
7. Click Create Token.
8. Copy the Token created and click Done.
Note
If you are using External CA then you can select the external CA which was created using openssl and uploaded on the CipherTrust Manager.
Go to Registered Clients and click Add Client.
- Specify client name and paste the Registration Token generated in the above step.
  Note
  If you are using external CA then you need to paste the signed client certificate in the Client Certificate field.
- Click Save to save the client certificate.

On this page

CipherTrust Integrations

© Copyright 2019-2024, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Support Contacts
- Text Conventions
Legal
- End User License Agreement
- Disclaimer

© Copyright 2019-2024, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com