Quick Reference Guide
Using EKM 3.0 on the Secondary Server
The secondary EKM 3.0 server is used for redundancy in the event that the primary EKM 3.0 server is down or
unavailable.
Use the backup created on the primary EKM 3.0 server to perform the restore operation on the secondary EKM 3.0
server periodically in order to keep the primary and secondary EKM 3.0 servers synchronized. Refer to Performing
Backups and Restoring from a Backup.
By default, the secondary EKM 3.0 server is also set to Automatically accept all new device requests for communication.
Dell recommends changing this setting to Only accept manually added devices for communication after every restore
operation. This prevents the secondary EKM 3.0 server from serving keys to new devices that are not added to the
primary EKM 3.0 server. Refer to Configuring EKM 3.0 to Accept Devices that Contact EKM 3.0 for Keys for details on
how to view or configure this setting.
If the primary EKM 3.0 server is temporarily down or unavailable, you must perform the restore operation on the
secondary EKM 3.0 server using the last backup created on the primary EKM 3.0 server.
NOTE: When the primary EKM 3.0 server is down or unavailable and the secondary EKM 3.0 server is used to
support key requests from devices, Dell recommends that you do not perform any management or operational
tasks on the secondary EKM 3.0 server.
Uninstalling EKM 3.0 from the Primary and Secondary Servers
For the procedure to uninstall EKM 3.0 from the primary and secondary servers, refer to Uninstalling EKM 3.0.
14