Installing and Configuring SafeNet ProtectApp Cryptographic Service Provider

Installing the SafeNet ProtectApp Cryptographic Service Provider

This section includes the steps to install the SafeNet ProtectApp Cryptographic Service Provider (CSP). To do so, follow the steps below:

1. Download and unzip the SafeNet ProtectApp Cryptographic Service (SafeNet ProtectApp CSP) Provider zip file.

2. Double-click the setup to launch the InstallShield Wizard. The Welcome screen appears. Click Next.

   

3. Accept the license agreement and click Next.

   

4. Enter User Name under Customer Information and click Next.

   

5. Select Setup Type as Complete and click Next.

6. Click Install to begin the installation.

7. Click Finish to complete the installation.

   

Once the provider has been installed, create a user on the CipherTrust Manager and assign it permissions to the Key Admins Group. For creating and configuring user and permissions refer to the CipherTrust Manager documentation.

Navigate to C:\Program Files\SafenetProtectAppCSP and run SafenetProtectAppCSPInstall.exe as an Administrator to register the provider. Enter the same username and password, as used in the previous step to create a user on the CipherTrust Manager appliance.

Configuring the SafeNet ProtectApp Cryptographic Service Provider

To configure SafeNet ProtectApp Cryptographic Service Provider to connect with the CipherTrust Manager:

Enter the following values in the ProtectAppICAPI.properties file (placed at C:\Program Files\SafenetProtectAppCSP).

• NAE_IP: IP address of the CipherTrust Manager

• NAE_Port: 9000 (default value)

• Protocol: tcp/ssl

  Note

  • To run this integration using the TCP protocol, ensure that the mode of the interface on the CipherTrust Manager is set to No TLS. For more details regrading configuring interfaces refer to the CipherTrust Manager documentation.

  • If you want to use the SSL protocol, you need to configure SSL using the steps mentioned in the Setting up SSL/TLS section.

• Log_Level: MEDIUM (default value, can be set to HIGH for troubleshooting)

• Log_File: Full path and file name. The user must have write permissions on this path and file.

• CA_File: The CA_File parameter refers to the CA certificate that was used to sign the server certificate presented by the NAE Server to the client. (for ssl only)

• Cert_File: The Cert_File parameter stores the path and filename of the client certificate. This is only used when your SSL configuration requires clients to provide a client certificate to authenticate to the CipherTrust Manager appliances. (for ssl only)

• Key_File: The Key_File parameter refers to the private key associated with the client certificate specified in the Cert_ File parameter. (for ssl only)