User's Guide
Chapter 7 Encryption Key Management
Configuring Encryption Key Management on the Library
Scalar i500 User’s Guide 169
Configuring Encryption Key Management on the Library
Make sure your Q-EKM, SKM, or KMIP-compliant key servers are
installed and running before configuring the library (see the Quantum
Encryption Key Manager User’s Guide, the Scalar Key Manager User’s Guide,
or your KMIP key manager user’s guide for instructions).
Then follow these steps, in order, to configure the library:
• Step 1: Installing the EKM License Key on the Library
on page 169
• Step 2: Preparing Partitions for Library Managed Encryption
on
page 170
• Step 3: Configuring Encryption Settings and Key Server Addresses
on page 170
• Step 4: Installing TLS Certificates on the Library (SKM Only)
on
page 174
• Step 5: Running EKM Path Diagnostics
on page 180
• Step 6: Configuring Partitions for Library Managed Encryption
on
page 180
Step 1: Installing the EKM License Key on the Library
7
If your EKM license key is not already installed on the library, install it
now.
Note: Scalar Key Manager is very sensitive to network instability
due to the large amount of operations occurring in rapid
succession. If you get an error stating that an SKM operation
failed, check network functionality and try the operation
again.
Make sure ports 80, 6000, and 6001 on the SKM servers are
opened up in a bi-directional mode on all firewalls in your
network. If they are not, the library will not be able to
communicate with the SKM servers.