Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

OpenPGP

Installing and Configuring SafeNet ProtectApp Cryptographic Service Provider

search
printsuggest an editpdf paneldownload

Installing and Configuring SafeNet ProtectApp Cryptographic Service Provider

copy link to clipboardInstalling the SafeNet ProtectApp Cryptographic Service Provider

This section includes the steps to install the SafeNet ProtectApp Cryptographic Service Provider (CSP). To do so, follow the steps below:

Note

  • You need to install the SafeNet ProtectApp Cryptographic Service Provider on the same machine where AD CS is installed and configured.

  • You need to install both the versions (32-bit and 64-bit) of the SafeNet ProtectApp Cryptographic Service Provider.

  1. Download and unzip the SafeNet ProtectApp Cryptographic Service (SafeNet ProtectApp CSP) Provider zip file.

  2. Double-click the setup to launch the InstallShield Wizard. The Welcome screen appears. Click Next.

  3. Accept the license agreement and click Next.

  4. Enter User Name under Customer Information and click Next.

  6. Click Install to begin the installation.

  7. Click Finish to complete the installation.

Once the provider has been installed, create a user on the CipherTrust Manager and assign it permissions to the Key Admins Group. For creating and configuring user and permissions refer to the CipherTrust Manager documentation.

Navigate to C:\Program Files\SafenetProtectAppCSP and run SafenetProtectAppCSPInstall.exe as an Administrator to register the provider. Enter the same username and password, as used in the previous step to create a user on the CipherTrust Manager appliance.

copy link to clipboardConfiguring the SafeNet ProtectApp Cryptographic Service Provider

To configure SafeNet ProtectApp Cryptographic Service Provider to connect with the CipherTrust Manager:

Enter the following values in the ProtectAppICAPI.properties file (placed at C:\Program Files\SafenetProtectAppCSP).

  • NAE_IP: IP address of the CipherTrust Manager

  • NAE_Port: 9000 (default value)

  • Protocol: tcp/ssl

    Note

    • To run this integration using the TCP protocol, ensure that the mode of the interface on the CipherTrust Manager is set to No TLS. For more details regrading configuring interfaces refer to the CipherTrust Manager documentation.

    • If you want to use the SSL protocol, you need to configure SSL using the steps mentioned in the Setting up SSL/TLS section.

  • Log_Level: MEDIUM (default value, can be set to HIGH for troubleshooting)

  • Log_File: Full path and file name. The user must have write permissions on this path and file.

  • CA_File: The CA_File parameter refers to the CA certificate that was used to sign the server certificate presented by the NAE Server to the client. (for ssl only)

  • Cert_File: The Cert_File parameter stores the path and filename of the client certificate. This is only used when your SSL configuration requires clients to provide a client certificate to authenticate to the CipherTrust Manager appliances. (for ssl only)

  • Key_File: The Key_File parameter refers to the private key associated with the client certificate specified in the Cert_ File parameter. (for ssl only)

On this page