Quick Reference Guide

ManualsBrandsDell ManualsSoftwareDell Encryption Key Manager Version 3.1

Merge Tool Prerequisites

Before running the merge tool, verify that the following requirements are met:

• EKM 3.0 must be installed and the master keystore must be created or the merge procedure will fail. Refer to

Creating a Master Keystore.

• When merging from EKM 2.X to EKM 3.0, EKM 2.X and EKM 3.0 must be installed on the same operating system

version.

• If you have previously merged or migrated EKM 2.X into EKM 3.0, the ekmcert certificate from the previous

merge or migration will still exist on the EKM 3.0 server, and may exist even if you have restored from a previous

backup. You must remove the ekmcert certificate from the EKM 3.0 server before performing the merge

procedure. Refer to Deleting the ekmcert Certificate, Keys, and Key Groups, and Renaming Devices.

• You must rename the duplicate keys, key groups, and devices in EKM 2.X before merging them into EKM 3.0.

Refer to the EKM 2.X user's guide.

– There cannot be duplicate key aliases/names from the source EKM 2.X with the target EKM 3.0. Each

incoming key must have a unique alias/name, otherwise the merge procedure will fail.

– There cannot be duplicate key

group

aliases/names from the source EKM 2.X with the target EKM 3.0.

Each incoming key group must have a unique alias/name, otherwise the merge procedure will fail.

– There cannot be duplicate devices from the source EKM 2.X with the target EKM 3.0, otherwise, the

merge procedure will fail.

EKM 2.X to EKM 3.0 Merge Procedure

Perform the following steps to run the merge tool:

1. Log into the EKM 3.0 portal. Refer to Logging into the Encryption Key Manager 3.0 Portal.

The Welcome to Dell Encryption Key Manager screen appears.

2. On the EKM 3.0 server, create a backup of EKM 3.0. Refer to Performing Backups and Restoring from a Backup for

the procedure on creating backups.

If the merge tool fails or corrupts any EKM 3.0 data, you can use the backup to recover any lost information.

3. Log out of EKM 3.0.

4. Stop the EKM 3.0 server before running the merge tool. Refer to Starting and Stopping the EKM 3.0 Server in

Windows or Starting and Stopping the EKM 3.0 Server in Linux.

5. In the root of the EKM 3.0 server, create a suitable folder (for example, C:\EKM_Files in Windows, or /opt/EKM_Files

in Linux).

6. Log into the EKM 2.X console, back up the EKM 2.X keystore, stop the EKM 2.X server, and exit from the EKM 2.X

console. Refer the EKM 2.X user's guide.

7. From the location where EKM 2.X is installed, copy the following files to the folder you created on the EKM 3.0

server in the previous step. If EKM 2.X is installed on a different physical system, use a removable drive or a server

share of the same operating system.

– In Windows, from <

root

>:\ekm\gui\, copy EKMKeys.jck. In Linux, this is located in /var/ekm/gui.

– In Windows, from <

root

>:\ekm\gui\, copy KeyManagerConfig.properties (this is the EKM configuration file).

In Linux, this is located in /var/ekm/gui.

– In Windows, from <

root

>:\ekm\gui\keygroups\, copy keygroup.xml. In Linux, this is located in /var/ekm/gui/

keygroups.

– In Windows, from <

root

>:\ekm\gui\drivetable\, copy ekm_drivetable.dt. In Linux, this is located

in /var/ekm/gui/drivetable.

CAUTION: In Windows, use Notepad to create or edit text files. If you use Wordpad, this procedure will fail.