Manualshelf

Quick Reference Guide

ManualsBrandsDell ManualsSoftwareDell Encryption Key Manager Version 3.1
11121314151617181920
Creating a Master Keystore
This chapter describes how to create the master keystore. The first time you log into EKM 3.0, you must create the
master keystore.
NOTE: If you migrated an EKM 2.X keystore during the EKM 3.0 installation, a keystore is already created, and this
procedure will not apply.
NOTE: At a later point, if you want to create additional keys and/or key groups, refer to Creating Key Groups for the
Device Group.
To create the master keystore, perform the following steps.
1. In the Welcome to Dell Encryption Key Manager screen, click click here to create the master keystore.
The Keystore screen appears.
2. Keep the default values for Keystore type, Keystore path, and Keystore name.
The default values are: Keystore type: JCEKS, and Keystore name: defaultKeyStore. The default value for the
Keystore path in Windows is: <
root
>:\Dell\EKM\products\tklm\keystore. The default value for the Keystore path in
Linux is: /opt/dell/ekm/products/tklm/keystore.
3. In the Password field, create a password for the default keystore. This password must not be less than six
characters.
4. In the Retype Password field, re-enter the password.
5. Click OK.
The Keystore screen confirms that the keystore was created successfully.
6. Create a backup of the keystore. Refer to Performing Backups and Restoring from a Backup.
Enabling the Firewall in the EKM 3.0 Server
NOTE: Refer to your operating system's documentation for instructions on how to configure your firewall.
EKM 3.0 communicates with the tape library over the network. If the firewall is enabled on the system on which EKM 3.0
is installed and the required ports have not been opened, communication between EKM 3.0 and the tape library will fail.
If you must enable the firewall on the system on which EKM 3.0 is installed, then perform the following steps to enable
communication between EKM 3.0 and the tape library:
NOTE: These are the default ports used by EKM 3.0. If your tape library is configured to use different ports, ensure
that you use those port numbers in the firewall settings and in the EKM 3.0 configuration.
NOTE: If you use a primary/secondary server configuration for EKM 3.0, then repeat this procedure for the
secondary server.
1. Open the following ports for the corresponding protocols:
TCP: 3801
SSL: 443
2. If your firewall is configured only to allow specific IP addresses and/or subnet masks to communicate with the
above ports, ensure that the tape library's IP address and/or subnet mask are included in the list of allowed IP
addresses and/or subnet masks.
To access the tape library network configuration, log into the tape library remote management unit (RMU) and
locate the network settings. For more information, refer to the tape library's user's guide. To locate the tape
library's user's guide, see the Documentation and Reference Materials section of the ReadThisFirst.txt file on the
EKM 3.0 installation media.
18