Dell™ PowerVault™ S\\?\mw C'8O
Dell™ PowerVault™ S\\?\mw C'8O
© 2007, 2010 Dell Inc. All rights reserved. >D5PDE"I\aPy|D,!;mP(*# 4- Dell Inc DifmI,O{xPNNN=D4F#>DP9CDLj:Dell"DELL UjM PowerVault yGtZ Dell Inc. DLj# Z>D5PI\99CKd{LjML7{F48yw5PCjGk{FD5erdz7#Dell Inc.
?< < . . . . . . . . . . . . . . . . . v m . . . . . . . . . . . . . . . . . vii 0T . . . . . . . . . . . . . . . . ix XZ>i . . . . . . &DACiDA_ . . >iP9CD<(Muo "byw . . . . . . `Xvfo . . . . . . Linux E" . . . . . Microsoft Windows E" Z_'V. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix ix ix ix . x . x . x . x kHDA . . . . . . . . . . . . . . xi *5 Dell . . . . . . . . . . . . . .
S\\?\mwPDsF*c . sFG} . . . . . . . . . . A-1 Lj t/X$LrE>y> Linux =( . . . dCD~>} . . . Jcm. . . . . . . . . . . . . . . E-1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1 . A-1 . A-1 w} =< B. S\\?\mwdC
< 1-1. 1-2. 1-3. 2-1. 2-2. 2-3. 2-4. 2-5. 2-6. 3-1. 3-2. S\\?\mwDDvwi~ . . . . . S\_T}fM\?\mD=vI\;C: 9CTFS\\?DS\ . . . . . . LTO 4 r LTO 5 ExzksS\4Yw LTO 4 r LTO 5 ExzksS\AYw Backup Critical Files 0Z . . . . . . %~qwdC . . . . . . . . . . =vxP2mdCD~qw . . . . . =vdC;,D~qwCJ`,Dh8 Choose Destination Location 0Z . . . +Cf>D JVM hC*1! . . . . . . 1-2 1-4 . 1-6 2-4 2-5 . 2-6 . 2-7 . 2-8 2-8 . 3-3 . 3-3 3-3. 3-4. 3-5. 3-6. 3-7. 3-8. 3-9. 3-10. 5-1. 5-2. Start Copying Files 0Z . . . .
vi Dell S\\?\mwC'8O
m 1. 1-1. 2-1. 2-2. >iP9CD!"e<( . . . . . . . . ix S\\?** . . . . . . . . . . . 1-6 Linux Dn!m~hs . . . . . . . . 2-2 Windows Dn!m~hs . . . . . . . 2-3 6-1. 7-1. 7-2. 8-1. S\\?\mw(fDms . . . . . . S\\?\mw4ksFD~DsFG<`M @UsFB~DsFG<`M . . . . . . *}]i/dvq= . . . . . . . . .
viii Dell S\\?\mwC'8O
0T XZ>i >Va|,K Dell™ S\\?\mwD20MYwyhDE"M8>E"#||,XZ TBZ]DEnM}L: v IS\ LTO 4 M LTO 5 Exz v \? v }V$i &DACiDA_ >iCZ:pX*}]2+M8]Df"M2+\m1,T0-zZYw73P20 M,$S\\?\mw~qwDyPK1#|Y(A__PXZf"h8MxgD$ w-iM*6# >iP9CD<(Muo >i9CTB!"e<(: m 1. >iP9CD!"e<( <( C> Ve Ve%JrV{zmXk4Vf9CD53* X,}g|n{F"D~{"j>{F"76 {M!(K%!n# L(mH >}"C'8(DD>M53T>DE"TL (mHVMT># 1e 1e%JrV{zmXka)Dd?5# [n] 8>I!n# {n} TPmSO(E,zXkSPmDq=Mo( hvP!q3n# | z_CZVt!nPmPDwn# <|> 8>y4D|# "byw "byw8>I\TLr"h8"53r}]lI#&DI\T#*>EI\ifE "byw,+b;GXhD#"byw>}gBy>:
`Xvfo PX|`E",kNDTBvfo: v Getting Started with the Dell™ PowerVault™ TL2000 and TL4000 Tape Libraries a )K20E"# v Dell™ PowerVault™ TL2000 Tape Library and TL4000 Tape Library SCSI Reference a)K\m SCSI SZP*D\'V SCSI |nM-i# Linux E" Red Hat E" TB URL k Red Hat Linux® 53`X: v http://www.redhat.com SuSE E" TB URL k SuSE Linux 53`X: v http://www.suse.com Microsoft Windows E" TB URL 9z\;CJXZ Microsoft® Windows® 53DE": v http://www.microsoft.com Z_'V kCJ http://support.dell.
kHDA *5 Dell @zM'ITBg:800-WWW-DELL(800-999-3355)# ":g{z;ICrXx,S,ITZzD:r"1"0d%"J%r Dell z7?< OR=*5E"# Dell a)K8vZ_Mg0'VM~q!n#?vzRMz7DICTG;,D,Zz yZDxrP;)~qI\G;PD#*k*5 Dell qCPXz["
xii Dell S\\?\mwC'8O
Z 1 B ExzS\Ev }]Z:y$RDL573PGn&sDJ4#ZqlT2+G#tPD@gP,# V}]ICTD,1#$}]"XFT}]DCJMi$}]f5TGRGDEH$ w?j#}]S\Gl&b)hsD;v$_#Dell S\\?\mw(TBF*S\\ ?\mw)r/KS\Nq# LTO 4 M LTO 5 Exz\;S\4=NN LTO 4 M LTO 5 }]PxOD}]# CB&\+|OqD2+k)mS=Qf"}],x;aIZZ~qwO4PS\x vS&m*zr5M&mYH,r'6(Ch8D*z# ExzS\bv=8ITB 3 vw**XiI: 'VS\DExz yP LTO 4 M LTO 5 Exz
)P*!nxPKs?hv,WHZZ 2-1 3DZ 2 B, :f.S\\?\m w73;,dNZZ 4-1 3DZ 4 B, :dCS\\?\mw;,.sZhv ;ij{dC!nD=< B PxPKhv# Exzmq ExzmqIS\\?\mwCZzYd'VDExh8#ExzmqG;v G`-D~xFD~,d;C8(ZdCD~P#IT|Dd;C4zczD h*# KeyGroups.xml D~ C#$\kDD~|,yPS\\?iD{F,T0k?v\?iX*DS\ \?Dp{# < 1-1. S\\?\mwDDvwi~ \mS\ Dell S\\?\mwG;V Java™ m~Lr,CLrCZZ 'VS\DExzOzI" #$"f"M,$S\\?,CS\\?CZT4=ExiJ(ExMPxq=)D E"xPS\T0TSExiJA!D}]xPb\#S\\?\mwKPZ Linux(SLES M RHEL) M Windows O,
X*S\\?\mwwz~qwdCE":(i Dell S\\?\mwLryZD Fcz9C ECC Zf,Tc+*'}]DgU5=nM#S\\?\mw4PT B&\:kszIS\\?,"+b)\?+]x LTO 4 M LTO 5 Exz# ZS\\?\mwxP&mD}LP,\?DOTr|(S\)q=$tZ53 ZfZ#k"b,\?DOXkZ;"zNNmsDivB+]==`&Exz P,4kExPD}]E\V4(b\)#g{r*3V-r,53ZfPD; msmMExb#Exz
< 1-2. S\_T}fM\?\mD=vI\;C: &CLrc ;v&CLr,@"Z\?\mw,CZt/Exf"wD}]+d#XZ\'V D&CLr,kND:&CLr\mDExS\;# bc Exf"wDbG,Hg Dell PowerVault TL2000/TL4000 M ML6000 5P#n BDExbZExbZD?vExzO<,P;vZ?SZ# &CLr\mDExS\ 1Yw73KPD&CLrQ\;zIM\mS\_TM\?1,K=(nJC#8 (N19CS\D_TI(}&CLrgfxP(e#_TM\?(}&CcMS\ Exz.dD}](7. S\G&CLrM'VS\DExz.dxP;%Da{," R;h*T53MbcxPNN|D#IZ&CLr\mS\\?,rx9C&CL r=(4kMS\Dm;\(}4k|GD`,&CLr,9C&CLr\mDS\ =(xPA!# &CLr\mDExS\;h*,2;9C S\\?\mw# TBn!f>D&CLrIC4\mS\: v CommVault Galaxy 7.0 SP1 v Symantec Backup Exec 12 &CLr\mDExS\ZTBz
kNDEx8]m~&CLrD5TKbgN\mS\_TM\?# b\mExS\ kT Dell™ PowerVault™ TL2000 Tape Library"Dell™ PowerVault™ TL4000 Tape Libraryr Dell™ PowerVault™ ML6000 Tape Library PD LTO 4 M LTO 5 Exz9 CC=(# \?DzIM\m(}Z=xbwzOKPD Java &CLrS\\?\m w45V#_TXFM\?-Ib - ExzSZ,rKT&CLr45,S\G8w D# XZS\\? S\\?GXpzIDfzD;.TS\Mb\}]#9ChFDc(44(S\\ ?T7#?v\?D(;TM;I$bT#(}bV==9lD\?=$,POS\ zk+=Q#IBM M T10 S\D=(<9C 256 ;D AES c(\?TS\}]#256 ; AES G@z~.10OIM(i9CDS\j<,|Jm}v;,D\?$H#256 ;\?G AES JmDn$\?# S\\?\mw9C=`S\c(:TFc(MGTFc(#TFr_X\\?S\ 9C;v\?xPS\Mb\
d{&CLr&mDS\\? Z&CLr\mDExS\P,4S\}]+"M= LTO 4 M LTO 5 Exz,"9 C&CLrya)DTF DK *;*\D,;s4kEx#ZP=ExODNNX=4 f" DK#4kS\m.s,DK Xk&ZICZ&CLr(}g,~qw}]b)D 3v;CTA!m# LTO 4 M LTO 5 ExzIT9C&CLr(}g,Yosemite(kT Dell PowerVault TL2000 M TL4000 Exb)"CommVault M Symantec Backup Exec)TxP&CL r\mDS\# r_,LTO 4 M LTO 5 ExzITIIC T10 |n/T4PS\D&CLr9C# T10 |n/9C&CLra)DTF 256 ; AES \?#T10 IT*?vP=Ex9 C`vM(;D DK,uAIT+S\}]Me}}]4k,;P=ExP#&CLr TP=ExxPS\1,|+IC&CLr7(D=(!qrzI DK,;s+|"M =Exz#49CGTF+C\?T\?xPr|,24ZP=ExOTdxPf "#+S\}]4kEx.
Z 2 B f.S\\?\mw73 >?V
b\mDExS\Nq 1. 20MtC LTO 4 M LTO 5 Exz# v |BbL~(ZX*1,TL2000"TL4000 M ML6000)#kCJ http:// support.dell.com# – Dell™ PowerVault™ TL2000 Tape Library yhDn!L~f>G 5.xx# – Dell™ PowerVault™ TL4000 Tape Library yhDn!L~f>G 5.xx# – Dell ™ PowerVault ™ ML6000 Tape Library yhDn!L~f>5PG 415G.xxx# v gPX*,|BExzL~#yhDn!L~f>G 77B5# 2. tC LTO 4 M LTO 5 ExzMExb,TxPb\mDExS\ (kND Dell ExbE"TKbj8iv) # v mSS\\?\mw ~qw IP X7 3. 9CboOP*Ti$S\\?\mw76MS\dC(kND Dell ExbE"T Kbj8iv) # 2~Mm~hs ":TZTBwv=(,;P IBM f>D Java KP173(JRE)E'VS\\?
Windows bv=8i~ Yw53 Windows Server 2003"2008 M 2008 R2 Dell S\\?\mw yhDS\\?\mwn!f>G 2.1,9(UZG 20070914 r|m,"&ZTB3 ;v IBM KP173: m 2-2. Windows Dn!m~hs Yw53 IBM KP173 Windows 2003 v IBM® 64-bit Runtime Environment for Windows on AMD64/EM64T architecture,Java 2 Technology Edition,V5.0 SR5 v IBM 32-bit Runtime Environment for Windows,Java 2 Technology Edition,V5.0 SR5 Windows 2008 M IBM 64-bit Runtime Environment for Windows on AMD64/EM64T 2008 R2 architecture,Java 2 Technology Edition,V6.
S\\?k LTO 4 M LTO 5 Exz Dell S\\?\mw 0d'VDExz<9CTFD 256 ; AES \?4S\}]# CwbbMz&KbXZb)\?M$iDD)Z]# Z9C LTO P=ExD LTO 4 r LTO 5 ExzO4PS\Nq1,S\\?\m wv9C 256 ; AES TF}]\?# Z LTO 4 r LTO 5 ks\?1,S\\?\mw9C*Exz8(Dp{#g{4 *Exz8(NNp{,G4+9C;v4T symmetricKeySet dCtTP8(D\? i"\?p{Pmr\?p{6'Dp{#g{Exz1YX(Dp{,G4+T7(Sd{5e!qp{,TybX9C\?# !(Dp{k$0k=\?bPDTF}]\?(DK)`X*#S\\?\mw+Q CExzITb\D;,\?r|DC DK "M= LTO 4 r LTO 5 ExzTS\} ]#C DK ;G(} TCP/IP wD+M#!(Dp{2+*;*F*“}]\?j6{ (DKi)”D5e,C5e+CS\}]4=Ex#(}bV==,S\\?\mwI T9C DKi 46pA! LTO 4 r LT
7. Exzb* DK "+S\}]M DKi 4=Ex < 2-25w4PS\AYw1gN&m\?# < 2-2. LTO 4 r LTO 5 ExzksS\AYw 1. ExzU=Aks,"+ DKi "M=S\\?\mw 2. S\\?\mwi$ExzmqPDExh8 3. S\\?\mw+ DKi *k*p{"S\?bq!`&D DK 4. S\\?\mw+C DK kExzITb\D\?r|Z;p 5. S\\?\mw+r|D DK "M=Exz 6. Exzb* DK "C|4b\}] 8]\?b}] ":IZ\?bP\?DYgTJ,zh*ZGS\LO8]K}],b;cG.V X*D,byzMITZh*1V4}],"R\;9CkExzrbX*DG )$iAvS\Ex#8]\?b'\+a((#G PKCS12 q=D~) # v 9C538]&\(}g RACF)44(\?bE"D8]1>("b;*C
C GUI 8]D~ 1. r* GUI(g{|"4t/): Windows O /@A c:\ekm\gui "%w LaunchEKMGui.bat Linux =(O /@A /var/ekm/gui "dk . ./LaunchEKMGui.sh 2. ZS\\?\mw GUI s_D<=wP!q Backup Critical Files# a14m0241 3. ZT>DT0Pdk8]}]D76(< 2-3)# < 2-3. Backup Critical Files 0Z 4. %w Backup Files# 5. +P;uN<{"T>a{# 5V_`D`v\?\mw S\\?\mw;hFCZExzMExb,T5V_`,"rKqC|_DIC T,T9z5PCZ,;ExzMExbD`v\?\mw#+G,b)\?\mw ^hkExzMExb;Z,yD53O#\?\mwDns}!vZExbrz m#(;D*sGb)\?\mwXk(} TCP/IP ,SCZExzO# byM9z5P=vS\\?\mw,=_GKK.dD5q,"_P\?bX*E "DZC8],T0Z;v\?\mw;IC1"Sw
z9IT#V=vS\\?\mwD,=#h*1{CC&\G#X*,b;vIZ |TX*}]xPZC8],9IZd\;@9E@KP;PODJO*F&\#k NDZ 4-2 3D:,==v\?\mw~qw.dD}];# ":,=;|(\?b#zXkT|GxPV/4F# S\\?\mw~qwdC S\\?\mwI20Z%vr`v~qwO#TB>}5w;v\?M=v\?D \mwdC,+zDbI\JmdC|`# %~qwdC %~qwdC(g< 2-4PT>)Gnr%DS\\?\mwdC#+G,IZ1&_ `,(iz;*9CC~qwdC#ZKdCP,yPExzy@5Z;xNN8] D%\?\mw~qw#;)~qwXU,G4\?b"dCD~"KeyGroups.xml file, MExzmq+^(9C,#tZ2+ D;C(;,ZS\\?\mw),TcZ*'~qw1>DivB,ITZf;~ qwOXB9(d&\# A B
A = = = = C B a14m0254 < 2-5. =vxP2mdCD~qw ;,dC: =vS\\?\mw~qwI\2m;v+C\?bMExzmq,+G 2I\_P=v;,DdCD~M=i;,D\?i,}gZ|GD XML D~Py( eD;y#(;DhsGC4~qZ+2ExzD\?kT?v~qwXk`,#b 9?v\?\mw~qwy\;_PTmDtTi#ZK`dCP(g< 2-6PT >),Z\?\mw~qw.d&vTExzmqxP,=#(kNDZ 4-2 3D:, ==v\?\mw~qw.dD}];Tq!|`E"#)7#8( sync.type = drivetab(k;*8( config r all)T@9dCD~;2G# ":^(?V2m~qw.
PS\,r*g{;P\?\mwM^(Tdb\# )g{ DR >cSzDw>c9 C;,DExz,G4dCD~MExzmqXk|, DR >cD}7E"# lX2mS\ExD"bBn ":TZ(}liK`$iDEN4S5qOwoiq!DNN$i=nU)p3v $iDO$PD(CA),i$b)$iDP'TG#X*#g{EN CA,G4z ITENC$i#r_,g{3v$iZ*;}LP\=2+#$,G4zIT i$C$iDP'T#49CdP;v=(i$3v$iDP'TI\XkCZd{i/T9|G\;A!Ex#*2mTF\?,d{i/Xkkz 2m|GD+C\?#9C keytool SS\\?\mw\?bP
2-10 Dell S\\?\mwC'8O
Z 3 B 20S\\?\mwM\?b S\\?\mwf= IBM Java ibz;pz[,"h* IBM Software Developer Kit for Linux M IBM Runtime Environment for Windows(kNDZ 2-2 3D:2~Mm~ hs;) #kq-JOZzDYw53D=h: v :Z Linux O20S\\?\mw; v Z 3-2 3D:Z Windows O20S\\?\mw; g{z;7(GqQ20KnBf>DS\\?\mw,:BXnBf\?\mw ISO 3q;5wKgNKbOBf>GqIC#nCqCzD Java 20fPI\;PDn BfS\\?\mw# |`E"kCJ http://support.dell.com# X*S\\?\mwwz~qwdCE":(i Dell S\\?\mwLryZD Fcz9C ECC Zf,Tc+*'}]DgU5=nM#S\\?\mw4PT B&\:kszIS\\?,"+b)\?+]x LTO 4 M LTO 5 Exz# ZS\\?\mwxP&mD}LP,\?DOTr|(S\)q=$tZ53 ZfZ#k
2. + Java linux rpm D~ECZ$w?
a14m0257 < 3-1. Choose Destination Location 0Z %w Next# a14m0232 5. f.r*;v0Z,/JzGq*+C Java KP173Cw1!D53 JVM(< 3-2) # < 3-2. +Cf>D JVM hC*1! %w No# 6. Start Copying Files 0Zf.r*(Z 3-4 3D< 3-3)#7OzQGB?j76# Z 3 B 20S\\?\mwM\?b 3-3
a14m0258 < 3-3. Start Copying Files 0Z %w Next# 7. C4,0Z8>20xH# 8. Browser Registration 0Zr*#!qCZS\\?\mwD/@w#%w Next# 9. InstallShield r{0Z,Ti/Q20 Java Df>: C:\WinEKM>C:\"Program Files"\IBM\Java60\jre\bin\java -version java version "1.6.0" Java(TM) SE Runtime Environment (build pwi3260sr5-20090529_04(SR5)) IBM J9 VM (build 2.4, J2RE 1.6.0 IBM J9 2.4 Windows Server 2003 x86-32 j9vmwi3223-20090 519_35743 (JIT enabled, AOT enabled) ... 10. gBy>|B PATH d?:(TZ S\\?\mw 2.
*@CXhC PATH(TZS\\?\mw 2.1,GXhD),kr PATH d?m S java bin ?
a14m0247 < 3-4. EKM Server Configuration 3f !\IT* Dell S\\?\mw\?bzID\?};P^F,+GzI\?D1 dT;avS,_e!vZksD\?}?#S\\?\mwzI 10 v\?h* 15 kS,zI 10000 v\?rh* 30 VSTOD1d#k"b,\?}\=wz~ qwJ4(~qwPDZf)D^F#S\\?\mw&CLrKP1Z53Zf P,$\?bPm,Tc\;ZbSExz"M\?ks1lYCJb)\?# ":g{\?zI}LPS\\?\mw GUI ;PO,G4+h*YN20S\\ ?\mw# g{ZS\\?\mw\?zIxLjI.0+dXU,G4\?bD~+; p5#*@9bViv,k4PBP=h: v g{S\\?\mwZu}C?<"XBt/20# v g{mSB\?i1S\\?\mw;PO,kXUS\\?\mw~q w,"9CnBD8]\?b(KD~;Z x:\ekm\gui\backupfiles D~PP) V4zD\?bD
a14m0243 < 3-5. EKM Server Certificate Configuration 3f a14m0251 5. +r*;v:Backup Critical Files;0Z(< 3-6),aQz8]S\\?\mw} ]D~# < 3-6. Backup Critical Files 0Z Z 3 B 20S\\?\mwM\?b 3-7
i$76"%w Backup#Dell S\\?\mw~qwZs(t/# ;*|DS\\?\mw~qwdC1%wK7(,rZ :Backup Critical Files; 0ZP%wK Backup,S\\?\mwM+zI;i8]D~#w**i5DD~ PvDD~+#f= c:/ekm/gui/BackupFlies ?S\ \?\mwwz IP X7# v g{wzdC*9C IPv6 X7,G4S\\?\mw&CLr+^(T>C IP X 7# v
GB SSL dCKZ"7#CKZ*CZdCzDb\mDS\hCDKZ# 5. S|nP"z#dkTB|n: exit XU|n0Z# Z LTO 4 M LTO 5OzIS\\?Mp{ Dell S\\?\mwServer GUI GzITFS\\?Dnr%=((kNDZ 3-5 3D :9C GUI 44(dCD~"\?bT0$i;) #z2IT9C Keytool 5CLr4 zITFS\\?#Keytool TZZ;,\?.d
5. XBt/S\\?\mw~qw# g{;9C Keytool g{;9C keytool r GUI 4zI\?Mp{,G4^(zIkS\\?\mw`f ]D\?6'#*zIkS\\?\mw`f]D%@\?,M*7#9CTBq= .;8(p{: v 12 vIr!V{r|Y(g abcdefghijk) v 3 vIr!V{,sz=v 0,SEG ABC000000000000000001),\2}C* 21 vV{ 16 ;.yxF}(g 9C Keytool -genseckey zI}]\?Mp{ ":ZNNa0PWN9C keytool |n.0,kKP updatePath E>,ThC}7 D73# Windows O /@A cd c:\ekm "%w updatePath.bat Linux =(O /@A /var/ekm "dk . ./updatePath.sh Keytool 5CLrrZ9C LTO 4 M LTO 5 ExD LTO 4 M LTO 5 ExzOz ICZS\Dp{MTF\?#9C keytool -genseckey |n4zI;vr`v\? "+|
":;)zh(\?b\ks,}Gd2+T;F5,qr ;*|DC\k#kN D:|D\?b\k(Changing Keystore Passwords);# -keyalg 8(CZzI}]\?Dc(#C5Xk8(* AES# -keysize 8(*zI}]\?Ds!# \?s!Xk8(* 256# ITkTF\?X*DIS\p{>}: abc000000000000000001 abc00a0120fa000000001 ;a;\?\mwS\Dp{>}: abcefghij1234567 ? wrong lengthabcg0000000000000001 ? prefix is longer than 3 characters g{\?bPQfZ;vp{,Keytool +Wv;vl#"#9KP# |D\?b\k(Changing Keystore Passwords) ":;)zh(\?b\ks,}Gd2+T;F5,qr ;*|DC\k#+#}\ kT5MNN2+T)6#|D\?b\kh*(}9CBfD keytool |nVp |DC\?bP?;v\?OD\k# *|D\?b\k,kdk: k
9C Keytool -exportseckey | aliasrange ] [-keyalias ] [-keystore ] [-storepass ] [-storetype ] [-providerName ] [-exportfile ] [-providerClass ] [providerArg ] b)N}XpX*,|GCZ
|B KeyManagerConfig.properties D~PD symmetricKeySet tT,mSTBP,Tc kTO9CDNNMyPp{6'T0f"TF\?D~D{F`%d#"b:g{ 8(Dp{^',S\\?\mwI\^(t/#i$'\Dd{-rI\|(;} 7D;s!(AES keysize Xk* 256)r^'D=(c(#-keyalg Xk* AES,R -keysize Xk* 256#config.keystore.file P8(DD~{&Ck KeyTool wCP –keystore 8(D{F`%d: symmetricKeySet = AES01-FF,abcfrg config.keystore.file = .jceks ;P symmetricKeySet PD8(\?Ea;i$(li;vQfZp{M;vTF\? Ds!Mc(Gq!1)#g{ZCtTP8(K^'D\?,S\\?\mw+^( t/"4(;usFG<# \?iD4(k\m S\\?\mwJmzi/ LTO 4 M LTO 5 DTF\?"+dS\*\?i#
Linux =(O /@A /var/ekm/gui "dk . ./LaunchEKMGui.sh 2. Z GUI s_D<=wP!q Administration Commands# a14m0248 3. %w0ZW?D Create a Group of Keys (< 3-7) # < 3-7. 4(\?i 4. dkB\?iD{F"CZ\?p{D0:T0i*|,DX|V}?#%w Submit Changes# |D1!\?i: 1. Z GUI s_D<=wP!q Administration Commands# 2. %w0ZW?D Change Default Write Key Group(Z 3-15 3D< 3-8)# 3-14 Dell S\\?\mwC'8O
a14m0244 < 3-8. |D1!4\?i 3. SR`DiPmP!qBD1!\?i# 4. i$0ZW?D10\?iMBD1!\?i,"%w Submit Changes# +X(\?i8(xX(DExz: 1. Z GUI s_D<=wP!q Administration Commands# 2. %w0ZW?D Assign Group to Drive(Z 3-16 3D< 3-9)# Z 3 B 20S\\?\mwM\?b 3-15
a14m0246 < 3-9. +i8(xExz 3. SExzPmP!qExz# 4. SiPmP!q\?i# 5. i$0ZW?DExzM\?i"%w Submit Changes# SExzmqP>}Exz: 1. Z GUI s_D<=wP!q Administration Commands# 2. %w0ZW?D0Z Delete Drive(Z 3-17 3D< 3-10)# 3-16 Dell S\\?\mwC'8O
a14m0245 < 3-10. >}Exz 3. SExzPmP!qExz# 4. i$0ZW?DExz{F"%w Submit Changes# 9C CLI |n(e\?i S\\?\mw5PD\?i&\9z\;i/\?i# ;)20"dCKS\\?\mw&CLr(\?bM\?QzI)RS\\?\m w~qwQ-t/,G4k9CM'zG}: createkeygroup -password a75xynrd 2. KP addkeygroup |n# K|nZ KeyGroups.xml P4(_P(;ij6D\?i5}#
o(:addkeygroup -groupID groupname -groupID CZ6p KeyGroups.xml D~PDiD(;i{# >}: addkeygroup -groupID keygroup1 3. KP addkeygroupalias |n# K|n*\?bPVPD\?p{4(BDp{,CZmS=X(\?ij6# o(:addkeygroupalias -alias aliasname -groupID groupname -alias \?DBp{#K{FXkGj+D|{,4,Key00 key000000000000000000 dk# Xk@U -groupID CZ6p KeyGroups.xml D~PDiD(;i{# >}: addkeygroupalias -alias key000000000000000000 -groupID keygroup1 ":Z9CK CLI |n1,zIT;N;mS;v\?#TZ?vh*mS=\? iD%@\?,XkKPK|n# 4. +\?ikBDrVPDExz`X*# a. KP moddrive |n9\?ikVPExz`X*
symmetricKeySet = keygroup1 ij6Xkk KeyGroups.xml D~PDVP\?ij6`%d#g{;%d,G4S\ \?\mw~qw+;t/#S\\?\mwaZ\?iPzY\?C>#1z8( KP'Dij6,S\\?\mwaG}: addaliastogroup -aliasID aliasname -sourceGroupID keygroup1 -targetGroupID keygroup2 ":\?Z=v
3-20 Dell S\\?\mwC'8O
Z 4 B dCS\\?\mw 9C GUI 4dCS\\?\mw 4(dCtTD~nr%D=(MG9C Dell S\\?\mw GUI qUZ 3-5 3D :9C GUI 44(dCD~"\?bT0$i;PD}LxPYw#g{z4PKb )Yw,G4zMQ4(KdCD~"R;h*xPd{DdC#g{zk{Cd{ DS\\?\mwdC!n,TBE"I\aPTzPyoz# dC_T Z KeyManagerConfig.properties D~PD3)dChCa)Kl]==,z&CTb) l]==DwCP;(DKb# T/|BExzm S\\?\mwZdCD~Pa)K;vd?(drive.acceptUnknownDrives),g{| QhC*5 true,G4+ZBDExzk Dell S\\?\mw *51T/ndEx zm#KYw\bK*?vExzrb9C adddrive |nDhs#ZK==P,dP ?vh8D 10 ; rPE<;h*9C CLI M'z|n4dk# BDExz*xP j<+2/(C\?\kuD;;Ti$Exh8Dj6#;)Ki$jI,Bh8M ITy]ExOf"D \?
,==v\?\mw~qw.dD}] ITZ=vS\\?\mw~qw.dTExzmqMdCtTD~xP,=#zI T(}V/9C CLI M'z sync |nrT/hC KeyManagerConfig.properties D~ PDDvtT44PKYw# "b =v,==(Z\?br\?i XML D~Py;\P'9C#zXkT|GxP V/4F# ;PZ KeyManagerConfig.properties D~D sync.ipaddress tTP8(P'D IP X 7,zEITtCT/,=&\#kND:T/,=;# V/,= V/=(f04P CLI M'z sync |n#o(gBy>: sync {-all | -config | -drivetab} -ipaddr ip_addr :sslport [-merge | -rewrite] C|n+dCD~tTM/rExzmqE"S4(r"M)~qw"M= –ipaddr N }8(D?j(rSU)~qw#SUDS\\?\mw~qwXkt/MKP# yhVN -all +dCtTD~MExzmqE",1"M= -ipaddr 8(D~q
sync.ipaddress = backupekm.server.ibm.com:1443 g{CtT48(r_8(ms,G453+{CT/,=# sync.action O"rX4SU~qwPDVP}]#P'5GO"(1!5)MX4#,=dC tTDdC"R;h*4PTBDNN=h#CE "5wgN;9C GUI 44Pb)Nq, "Rg{zk*{Cd{dC!n,G4 CE"G\PCD# Windows C'k"b:Windows ;S\|,UW?<76D|n#Zdk|n1,h **b;?<8(L{F,}g:progra~1 x;G Program Files#*Pv?
e. TransportListener.ssl.truststore.name - 8(Z=h 1 P4(D\?bD 76MD~{# f. Admin.ssl.keystore.name - 8(Z=h 1 P4(D\?bD76MD~{# g. Admin.ssl.truststore.name - 8(Z=h 1 P4(D\?bD76MD~ {# h. config.keystore.file - 8(Z=h 1 P4(D\?bD76MD~{# i. drive.acceptUnknownDrives - 8( true r false#g5* true,G4J m+kS\\?\mw*5DBExzT/mS=Exzmq#1!5* false# 5. ImSr!TTBI!\ku?#g{Z KeyManagerConfig.properties P48 (b)u?,G4S\\?\mwZt/~qwZd+a>dk\?b\k# a. Admin.ssl.keystore.password - 8(Z=h 1 P4(D\?bD\k# b. config.keystore.password - 8(Z=h 1 P4(D\
sS # listdrives -drivename 000001365054 5X Entry Key: SerialNumber = 000001365054 Entry Key: AliasTwo = key1c2 Entry Key: AliasOne = key1c1 Deleted : false Updated : true TimeStamp : Sun Jul 03 17:34:44 MST 2007 11. T # w*a>{dk listdrives |nT7#ExzQI&mS# Z 4 B dCS\\?\mw 4-5
4-6 Dell S\\?\mwC'8O
Z 5 B \mS\\?\mw t/""BMXU\?\mw~qw t/MXUS\\?\mw~qwG#=c# "B~qwIT9S\\?\mw+ZfPd\?b"ExzmqMdCE"D10 Z]*"=wTDD~,;s+|GXB0k=Zf#9C CLI M'zTb)i~xP NN|D.s,"v"B+G#PC#d;ZS\\?\mw~qwXU153+T /#fK`|D,+Gg{53@#rg4PO,"v~qw"B+@9b)|D* '# S Dell S\\?\mw GUI t/S\\?\mw~qw: 1. r* GUI(g{|"4t/): Windows O /@A c:\ekm\gui "%w LaunchEKMGui.bat Linux =(O /@A /var/ekm/gui "dk . ./LaunchEKMGui.sh 2. Z GUI s_D<=wP%w Server Health Monitor# a14m0249 3. Z“Server Status”3f(< 5-1)O,%w Start Server r Refresh Server# < 5-1. ~qw4, 4.
a14m0250 < 5-2. Login 0Z dkC'{D EKMAdmin#u<\kG changeME#G<.s,zIT9C chgpasswd |n4|D\k#kNDZ 5-8 3D:chgpasswd;# ":v Dell S\\?\mw GUI I\^(T>wz IP X7 ?0D GUI D=nV^T9d^(Z~qwKP4v`SwPT>S\\?\ mwwz IP X7: v 10&CLr^(6p IPV6#g{wzdC*9C IPV6 X7,G4S\\ ?\mw&CLr+^(T> IP X7# v g{S\\?\mw&CLr20Z Linux 53P,G4C&CLr+T> >XwzX7,x;G5JDn/ IP KZ# *lwwz53D5J IP X7,k(}CJxgdCiR IP KZX7#Z Windows 53P,r*|n0Z"dk ipconfig#TZ Linux,kdk isconfig# 6. %w Login# 9C`,D“~qw4,”3fIXU~qw# 9CE>t/\?\mw~qw Windows O /@A cd c:\ekm\ekmserver "%w startSe
S|na>{t/MXU\?\mw~qw *SNN|n0Zr shell t/S\\?\mw~qw,kdk: java com.ibm.keymanager.EKMLaunch KeymanagerConfig.properties KYw+Zs(t/S\\?\mw~qw#}7t/1,9C ps -ef | grep java | n( Linux =()r9C Windows Nq\mwITT>S\\?\mwJava xL#w * Windows ~qKP1,|+T>* LaunchEKMService# *XU~qw,ZZ 5-5 3D:|nPgfM'z;9CBfhvDNb=(4"v stopekm |n#d{=(Gr\?\mw}L"M sigterm#b9~qw\;j+X UMU9KP#k;*r\?\mw}L"M sigkill#sigkill +;aj+XU}L#} g,Z Linux 53,dk kill -SIGTERM pid r_ kill -15 pid# Z Windows =(,t/ Dell S\\?\mw w* Windows ~q1,zITSXF fe9|#9KP# +\?\mw
4. 7#S\\?\mw~qwdCtTD~PD76G+^(D#CD~D{F* KeyManagerConfig.properties,;Z C:\ekm\gui ?}# b)GtTM9C1!20M\?b{F1&8rD+^(76#?vb)n
7. 9COfD|n20~q.s,EKMServer +vVZ~qXFfeP,zIT9C “~qXFfe”t/MXUS\\?\mw# ":Z;N9C1,Xk9CXFfeV/t/C Windows ~q# |nPgfM'z t/S\\?\mw~qw.s,zMITZ>Xr6L(}M'zgf"v CLI | n#*"v CLI |n,zXkWHt/ CLI M'z# T CLI M'zC'xPO$ dCD~PD Server.authMechanism tT8(O$zFTk>X/6LM'z;p9C# 15hC* EKM 1,CLI M'zC'Xk+ EKMAdmin/changeME CwC'/\k4G < = ~ q w #( 9 C c h g p a s s w d | n I T | D K \ k # k N D Z 5 - 8 3 D :chgpasswd;# )Server.authMechanism tTD1!hCG EKM# Z KeyManagerConfig.properties D~P+ Server.
TZ Windows =(,CD~;GXhD# 20jI.s,ITt/S\\?\mw~qw#S\\?\mwM'zVZIT9 CyZYw53DC'/\kG<#k"b,;PJmGcOD http://support.dell.com,T Kb|`20j8E"# t/|nPgfM'z ":Xk+S\\?\mw~qwMS\\?\mw CLI M'ztTD~PD TransportListener.ssl.port tT,1hC*`,D5,qr|G+^((E#g{" zJb,kNDZ 6-2 3D:wT CLI M'zM EKM ~qw.dD(EJb;# S\\?\mw CLI M'zMS\\?\mw~qw9C SSL 4#$d(E#9C; xPM'zO$D1! JSSE dC1,S\\?\mw~qwO TransportListener.ssl.keystore ZD$iXkfZZ TransportListener.ssl.
~,}g clifile#CD~DZ;v|nXkG login |n,r*Z4PNN|n. 0*sM'zG<#}g,clifile I\|,TBZ]: login -ekmuser EKMAdmin -ekmpassword changeME listdrives ;s,*4PK|nD~,kt/ CLI M'z: java com.ibm.keymanager.admin.KMSAdminCmd CLIconfiglfile_name –filename clifile ;N4P;v|n (}8(?v|nD CLI userid_ID M\k,zIT;NKP;v|n#SNN| n0Zr shell P,dk: java com.ibm.keymanager.KMSAdminCmd ClientConfig.properties_name -listdrives -ekmuser EKMAdmin -ekmpassword changeME (9C chgpasswd |nIT|DK\k# )K1+KP|n,"RM'za0+ U9KP# CLI |n S\\?\mwa)D|n/ICZ(}|nPgfM'K
-rec1 # 8(ExzD$ip{(r\?j") -rec2 8(Exz$iDZ~vp{(r\?j")# -symrec 8(TF\?Dp{rExzD\?i{# >}: adddrive -drivename 000123456789 -rec1 alias1 -rec2 alias2 addkeygroup Z\?i XML P4(_P(;ij6D\?i5}# addkeygroup -groupID groupname -groupID CZ6p\?i XML D~PDiD(;i{# >}: addkeygroup -groupID keygroup1 addkeygroupalias *\?bPVPD\?p{4(BDp{,CZmS=X(\?ij6# addkeygroupalias -alias aliasname -groupID groupname -alias \?DBp{# -groupID CZ6p\?i XML D~PDiD(;i{# >}: addkeygroupalias -alias aliasname -groupID keygroup1 chgpasswd |D CLI M
>}: createkeygroup -password password deletedrive S\?\mwExzmq>}Exz#H,D|nP deldrive M removedrive# deletedrive -drivename drivename -drivename drivename 8(*>}DExzDrPE# >}: deletedrive -drivename 000123456789 delgroupalias S\?i>}\?p{# delgroupalias -groupID groupname -alias aliasname -groupID CZ6p KeyGroups.xml D~PDiD(;i{# -alias *}%D\?p{Dp{# >}: delgroupalias -groupID keygroup1 -alias aliasname delkeygroup >}{v\?i# delkeygroup -groupID groupname -groupID CZ6p KeyGroups.
>}: export -drivetab -url FILE:///keymanager/data/export.table help T>|nPgf|n{Mo(#H,D|nG ?# help import S8(D URL }: import -merge -drivetab -url FILE:///keymanager/data/export.table list (} config.keystore.file property Pv\?bP|,D$i# list [-cert |-key|-keysym][-alias alias -verbose |-v] -cert Pv8(\?bPD$i# -key Pv8(\?bDyP\?# -keys
listcerts (} config.keystore.file property Pv\?bP|,D$i# listcerts [-alias alias -verbose |-v] -alias p{+X($i8(xPm# -verbose|-v T>k$iPXD|`E"# >}: listcerts -alias alias1 -v listconfig Pvf"wPDS\\?\mwEKM ~qwdCtT,T43 KeyManagerConfig.properties D~D10Z]MI modconfig |nyvDNN|B# listconfig listdrives PvExzmqPDExz# listdrives [-drivename drivename ] -drivename drivename 8(PYDExzDrPE# -verbose|-v T>kExzPXD|`E"# >}: listdrives -drivename 000123456789 login G
modconfig ^DS\\?\mw~qwdCtTD~(4 KeyManagerConfig.properties)PDtT# H,D|nP modifyconfig# modconfig {-set | -unset} -property name -value value -set +8(DtThC*8(5# -unset }%8(DtT# -property name 8(?jtTD{F# -value value 1Q8(K -set 1,*?jtT8(BD5# >}: modconfig -set -property sync.timeinhours -value 24 moddrive ^DExzmqPDExzE"#H,D|nP modifydrive# moddrive -drivename drivename {-rec1 [alias] | -rec2 [alias]| -symrec [alias]} -drivename drivename 8(ExzDrPE# -rec1 # 8(ExzD$ip{(r\?j") -rec2 8(Exz$iDZ~vp{(r\?j")# -symrec
status T>\?\mwGt/ED9GXUED# >}: status stopekm XUS\\?\mw~qw# >}: stopekm sync +m;(S\\?\mw~qwODdCD~tTM/rExzmqE"k"<"<| nD\?\mw~qwODdCD~tTM/rExzmqE"xP,=# ":^[Z\?b9G KeyGroups.xml D~O,,==(<;pwC#b)
5-14 Dell S\\?\mwC'8O
Z 6 B Jb7( zITtCS\\?\mwD%vi~"`vi~,r_yPi~DwT&\# lib)X*D~T7(S\\?\mw~qwJb 1S\\?\mw^(t/1,ITli}vD~47(JbDy4# v native_stdout.log M native_stderr.log – IZS\\?\mw~qwZs(xLPKP,rK;PXF(4T>d#fD (*{"Mms{"#b){"+G<=b=vD~P# – g{S\\?\mw~qwtTD~|,tT debug.output.file,G4b=vD ~+4(ZkwTU>`,D?}"XB4(b=vD~# v sFU> – sFU>|,S\\?\mwxP&m1G
wT CLI M'zM EKM ~qw.dD(EJb EKM CLI M'zM EKM ~qw.dD(EGZ~qwMM'zdCtTD~PD TransportListener.ssl.port tTP8(DKZOxPD,xR(} SSL TdxP#$# TBGM'z^(,S= EKM ~qwDI\-rDPm#||,T>gN7(Jb" |}JbDwv=h# v EKM ~qw4ZKP,rKM'z;P*xP(EDTs# 1. S|n0Z"v netstat –an,"7OGqT> EKM ~qwtTD~PD TransportListener.ssl.port M TransportListener.tcp.portfrom tT8(DKZ#g{ ;PT>KZ,G4~qw;ZKP v EKM CLI M'ztTD~PD TransportListener.ssl.host tT;8rKP EKM ~ qwD}7wz# 1. EKM CLI M'ztTD~PD TransportListener.ssl.
2. XBdk|nTt/ KMSAdminCmd "|( KeyManagerConfig.properties D ~Dj{76#kND=< B,“S\\?\mwdCtTD~”Tq!|`E"# EKM ~qw4t/#XML *}]D~DD~{h*ZdCD~P8(# dCD~P1Y Audit.metadata.file.name u?# *@}KJb,+ Audit.metadata.file.name tTmS= KeyManagerConfig.properties dCD~# ^(t/ EKM.Mykeys#534R=8(DD~# 1. 1 KeyManagerConfig.properties PD\?bu?;P8rVPDD~1avV Kms{"# 2. *@}KJb,k7#TB KeyManagerConfig.properties D~PDu?8rV PD"P'D\?bD~: Admin.ssl.keystore.name TransportListener.ssl.truststore.name TransportListener.ssl.keystore.name Admin.ssl.
3. 1tTD~PXbD\?b;P`Mu?1,S\\?\mwY(d`M* jceks# ^(t/~qw#l}w_L"4t/MKP# "zKmsD;)-rP: 1. KeyManagerConfig.properties D~PDTB=vu?8rK`,DKZ: TransportListener.ssl.port TransportListener.tcp.port ?v+dl}w
m 6-1. S\\?\mw(fDms ms`E hv Yw EE02 S\A!{"'\: DriverErrorNotifyParameterError:“U=^'D ASC & ASCQ#ASC & ASCQ k\?4(/\ ?*k/\?q!DdP;vYw;`%d#” ExzksK;\'VDYw#k7#KPK nBf>DS\\?\mw(kNDZ 3-1 3 D:BXnBf\?\mw ISO 3q;T7( nBf>)#kliExzrzm~qwL~ Df>"y]h*+d|B*nBf#tC\ ?\mw~qwODwTzY#"TXB4( Jb"U/wTU>#g{JbT;fZ,k ND>vfo0f“kHDA”;ZPD“*5 Dell”,Tq!XZDS\\?\mw (k "zZ?`Lms#” NDZ 3-1 3D:BXnBf\?\mw ISO 3q;T7(nBf>)#kliExzrz m~qwL~Df>"y]h*+d|B*n Bf#tC\?\mw~qwODwTzY# "TXB4(Jb"U/wTU>#g{Jb T
m 6-1. S\\?\mw(fDms (x) hv ms`E 6-6 Yw EE29 S\A!{"'\:^'D){ EE2B S\A!{"ms:“DSK P;fZ){,r^ k7#KPKnBf>DS\\?\mw (k (i$ DSK PD){#” NDZ 3-1 3D:BXnBf\?\mw ISO 3q;T7(nBf>)#kliExzrz m~qwL~Df>"y]h*+d|B*n Bf#tC\?\mw~qwODwTzY# "TXB4(Jb"U/wTU>#g{Jb T;fZ,kND>vfo0f“kHDA”; ZPD“*5 Dell”,Tq!XZDS\\?\mw (kNDZ 3-1 3D:BXnBf\?\mw ISO 3q;T7(nBf>)#kliExzr zm~qwL~Df>"y]h*+d|B* nBf#tC\?\mw~
m 6-1. S\\?\mw(fDms (x) ms`E hv Yw EE31 S\dCJb:"zKk\?b`XDms# klizT<9Cr*1!5dCD\?j )#zIT(}9C listcerts |n,PvS\\ ?\mwIT9CD$i#g{z*@T:Z T<9C1!5,G4kZS\\?\mw~ qwOKP -drivename Exz{F |n,Ti $ExzDdCGq<7(}g,Exz5P EMX*p{/\?j)Gq}7)#g{Ov Exz;PX*Dp{/\?j),G4kli default.drive.alias1 M default.drive.alias2 D5# g{CYw;P'{rp{/\?j)fZ,G 4kU/wTU>"kND>vfo0f“kH DA”;ZPD“*5 Dell”,Tq!XZ}#k"v list -keysym |n"7#\ ?bP|,ksDp{# EEE1 S \ _ -
48(dCD~ D> Configuration file not specified: fied when starting EKM. KeyManager Configuration file not speci- 5w KMSAdmin |n*sdCD~w*|nPN}xP+]# 53l& Lr#9KP# Yw1l& ka)dCD~"XB"T|n# 4\mSExz D> Failed to add drive. Drive already exists. 5w r*ExzQdCKS\\?\mw"QfZZExzmqP,yT adddrive |n4 \4P# Yw1l& KP listdrives |n,TliExzGqQdCKS\\?\mw#g{ExzQf Z,G4IT9C moddrive |n4|DExzdC#KP help,Tq!|`E"# 4\i5U>D~ D> Failed to archive the log file. 5w ^(X|{U>D~# Yw1l& liD~(^MExzODUd# 4\>}dC D> "modconfig" command failed.
5w 4\(} modconfig |n>}S\\?\mwdC# Yw1l& 9C help li|no(,T7Oa)DN}Gq}7#klisFU>,q!|`E "# 4\>}Exzu? D> "deldrive" command failed. 5w deldrive |n4\SExzmq>}Exzu?# Yw1l& 9C help li|no(,T7Oa)DN}Gq}7#9C listdrives |n7OEx zQdCKS\\?\mw#klisFU>,q!|`E"# 4\ "import" command failed. 5w ^( "modconfig" command failed. 5w 4\(} modconfig |n^DS\\?\mwdC# Z 6 B Jb7( 6-9
Yw1l& 9C help li|no(,T7Oa)DN}Gq}7#klisFU>,q!|`E "# D~{;\*U D> File name was not supplied for audit log file. 5w sFD~{4(}S\\?\mwDdCtTa)#KN}*XhDdCN}# 53l& Lr#9KP# Yw1l& lirS\\?\mwa)DdCtTD~PGq(eKtT Audit.handler.file.name,""TXBt/# D~s!^5;\G:} D> Maximum file size for audit log can not be a negative number. 5w S\\?\mwdCD~PD Audit.handler.file.size tT5XkG}}# 53l& S\\?\mw4t/# Yw1l& k* Audit.handler.file.size 8(;vP'}5""TXBt/S\\?\mw# 49NN}],= D> No data can be found to be synchronized with “sync”.
dv^' D> Invalid input parameters for the CLI. 5w X(D|no(I\;}7# Yw1l& 7OdkD|nGq}7#9C help li|no(#7Oa)DN}Gq}7"XT# dCD~P SSL KZE^' D> Invalid SSL port number specified in the EKM configuration file. 5w dCD~Pa)D SSL KZE;GP'D}5# 53l& S\\?\mw4t/# Yw1l& t/S\\?\mw1*dCD~PD TransportListener.ssl.port tT8(P'D KZE""TXBt/# dCD~P TCP KZE^' D> Invalid TCP port number specified in the EKM configuration file. 5w dCD~Pa)D TCP KZE;GP'D}5# 53l& S\\?\mw4t/# Yw1l& t/S\\?\mw1*dCD~PD TransportListener.tcp.
XkZdCD~P8( SSL KZE D> SSL port number is not configured in the properties file. 5w SSL KZEGZdCtTD~Ph*dCDtT#|+CZ`v~qw73PS\\? \mw~qw.dD(E# 53l& S\\?\mw4t/# Yw1l& 8( TransportListener.ssl.port tTDP'KZE,;s"TXBt/S\\?\ mw# XkZdCD~P8( TCP KZE D> TCP port number is not configured in the properties file. 5w TCP KZEGZdCtTD~Ph*dCDtT#|+CZExzMS\\?\mw. dD(E# 53l& S\\?\mw4t/# Yw1l& 8( TransportListener.tcp.port tTDP'KZE,;s"TXBt/S\\?\ mw#1! TCP KZE* 3801# ~qw4\t/ D> EKM server failed to start. 5w S\\?\mw~qwIZdCJbx
Sync '\ D> “sync” command failed. 5w ,==vS\\?\mw~qw.d}]D Sync Yw'\# Yw1l& 7#*6LS\\?\mw~qw8(D IP X7}7,"RITCJCFcz#7# dCD~fZ,"|,}7DExzmqE"#9Cozli sync |no(#i4U >TKb|`E"# 8(DsFU>D~vIA D> The audit log file can not be opened for writing. 5w tT Audit.handler.file.name 8(DS\\?\mwdCPDsFU>D~;\r *,^(xP4k# 53l& S\\?\mw4t/# Yw1l& kliyxsFD~M? Keystore for Admin cannot be loaded. 5w ^(0ka)xS\\?\mwD admin \?b#Admin \?bCZ`v~qw73 PS\\?\mw~qw.dD~qwK(E# 53l& S\\?\mw4t/# Yw1l& lid
ba)D\krZ|nPOdkD\k}7#"TXBt/S\\?\mw# ^(0k\?b D> Keystore for EKM can not be loaded. 5w ^(0k8(xS\\?\mwD\?b# 53l& S\\?\mw4t/# Yw1l& lidCD~hC#7#S\\?\mwdCD~PDtT config.keystore.file" config.keystore.provider M config.keystore.type }7,\?bD~fZ,"_P AmI(#7#(} config.keystore.password tT*S\\?\mw\?ba)D \krZ|nPOdkD\k}7#"TXBt/# ^(0k+d\?b D> Transport keystore cannot be loaded. 5w ^(0ka)xS\\?\mwD+d\?b#+d\?bCZ`v~qw73PS \\?\mw~qw.dDM'zK(E# 53l& S\\?\mw4t/# Yw1l& lidCD~hC#7#S\\?\mwdCD~PDtT transport.keystore.
Yw1l& 9Cozli|no(,;sXT# Z 6 B Jb7( 6-15
6-16 Dell S\\?\mwC'8O
Z 7 B sFG< ":>BPyhvDsFGBPTq=xPKG<,Tzc3)sFGsFG<4 k=;i3rD~P#sFS534k=DD~d?(|(Q4(D+?D3rD~)PDE"?v$C+sx,v D~53DICUd,zI\*rLr4`XQdCDsF?;C;se}D~#"bKP1;*}%r|DS \\?\mw}4kG
>} KdC5D;v>6*: Audit.event.types=all m;>}*: Audit.event.types=authentication;runtime;resource_management Audit.event.outcome o( Audit.event.outcome={outcome[;outcome]} C> CZ8>B~D"zGIZYwI&rYw'\9G=_<&Csi#+IZYwI &x"zD*GkU>DB~8(* success#+IZYw'\x"zD*GkU>D B~8(* failure# >} KdC5D;v>6*: Audit.event.outcome=failure *tCI&M'\=vB}: Audit.event.outcome=success;failure Audit.eventQueue.max o( Audit.eventQueue.max=number_events C> CZhCf"wSPP\#fDB~TsDns}?#KN}GI!D+(izTd xPhC#1!5Gc# >} Audit.eventQueue.
>} +? KN}CZ8>sFD~XUs4kBDsFD~1Ds!^F#k"b:nsDs FD~I\a,vK58vVZ,r*D~GZQ,vKs!^FsEXUD# >} *+nsD~s!hC*s< 2 WVZ,kdk: Audit.handler.file.size=2000 Audit.handler.file.name o( Audit.handler.file.name=fileName C> 9CKN}48(y>D~{,Z8(DsF?D~ 1Dy>{F#k"b,KN}Xkv|,y>D~{,;\|,+^(76{#s FU>D~D+{+=SPkD~4kD1d`T&D5# *K5wb;c,RGY(Z;v>}P Audit.handler.file.name D5;hC* ekm.
>} +y>{FhC* true D}SG: Audit.handler.file.multithreads=true Audit.handler.file.threadlifespan o( Audit.handler.file.threadlifespan=timeInSeconds C> KN}CZ8(*4ksFU>u?,Z{_L_PDn$1d#K5Z{mxLZ d9C,9_L\;ZPO.0jI$w#g{s(_LZI threadlifespan N}8(D 1dZ9;PjId$w,G4Z{mxL1,_L+;PO# >} *+4ksFU>D_LDZ{1dhC* 10 k,8(: Audit.handler.file.threadlifespan=10 sFGKsF G
m 7-1. S\\?\mw4ksFD~DsFG<`M (x) sFG<`M sF`M hv }],= data_synchronization CZG<}],=&m KP1 runtime CZG# }],=B~ b)G
resource=resource action=action user=user ] k"b message M user 5vZdE"IC1ET># J4\mB~ b)G# dC\mB~ b)G# sFB~ m 7-2 hvK
m 7-2. @UsFB~DsFG<`M (x) sFB~ sFG<`M SExzSU={" runtime &m4TExzD{"1vm runtime SExzSUD{"vm runtime 9CSExzSU=DE"|BExzmq1 runtime vm lwExzmqDE"1vm runtime lw\?bDE"1vm runtime &m\?bD$i1vm runtime iR\?bD(C\?1vm runtime Fc\k51vm runtime QI&&m{";; runtime Qt/{"&m runtime Qt/|nP&m runtime 9C\k~q1"VJb runtime "VBDExz runtime +ExzdC=Exzmq1vm runtime QI&*<&mExzD{" runtime QSU"&m stopekm |n runtime SExzmqP}%Exz resource_management SExzmqP}%Exz1vm resource_management I&
m 7-2. @UsFB~DsFG<`M (x) 7-8 sFB~ sFG<`M
Z 8 B 9C*}] XkTS\\?\mwxPdC,E\4(CZZ}];S\M4=Ex16qX* E"D XML D~#CD~I(}m5PExPi/,TT>CZmDp{r\?j )#`4X,CD~2IT(}p{xPi/,TT>k\?j)/p{X*DyP m# ":g{z4dC*}]D~,S\\?\mw+^(t/# 4PS\&m1,S\\?\mw+U/TB}]: v ExzrPE v Exz+r{F v 4(UZ v \?p{ 1 v \?p{ 2 v DKi v m5PE U/D}]o=;(^F1,+;4= XML D~#IZS\\?\mwtTD~ (KeyManagerConfig.properties)PxPhCD1!^F5* 100 uG<#D~;4s, ;*S\\?\mw&ZKP4,,MIT;i/#*K@9D~dC}s,+Zo =nsD~s!s,T/*f=m;vBD~P#*fD1!nsD~s!* 1 MB, |2ITZS\\?\mwtTD~PxPhC#;#f10M;vT0DD~f >#ZS\\?\mwdCtTD~PhCD5*: Audit.metadata.file.
"b:TZ LTO 4 M LTO 5 Exz,+;P G
at at at at javax.xml.parsers.DocumentBuilder.parse(Unknown Source) com.ibm.keymanager.tools.EKMDataParser.a(EKMDataParser.java:136) com.ibm.keymanager.tools.EKMDataParser.a(EKMDataParser.java:26) com.ibm.keymanager.tools.EKMDataParser.main(EKMDataParser.java:93) g{Kms"z,G4GIZ3v*X1Y XML axjG#ITV4S\\?\mw *}]D~,Tc EKMDataParser YNbvCD~# 1. 4(S\\?\mw*}]D~D8]1># 2. `-CS\\?\mw*}]D~# 3.
8-4 Dell S\\?\mwC'8O
=< A. D~>} t/X$LrE>y> /f: ;\dEXhv#t\?b}]DX*T#g{;PT\? bDCJ(,G4+;\;TQS\Exb\#k7##f\?b M\kE"# Linux =( TBG9z\;TJmD==%ts(PD EKM Dy>E>#CE>t/ EKM," (}E>+k\?b\k keystore_password#(}bV=(,\?b\kM^hvVZ EKM dCP# (kNDBfD5w) #TBZ]&|,ZE>D~P: java com.ibm.keymanager.KMSAdminCmd KeyManagerConfig.properties <+\?b\kdk= EKM P(4 EKM dCD~;|,\?b\ k),G4Z8] EKM 1,^h+b)D~(dCD~"ExzmqM\?b8 ]D~)S*z\D~,+GXk2+xRI4-Xf"|,\?b\kDE> (}g,Z`v;CfE`v1>)#\?b\kGz\E",xRXkTK=( xP&m#2+X8]E>D~1D!nk8]|
TransportListener.ssl.clientauthentication = 0 TransportListener.ssl.keystore.name = /keymanager/testkeys TransportListener.ssl.keystore.type = jceks TransportListener.ssl.port = 443 TransportListener.ssl.protocols = SSL_TLS TransportListener.ssl.truststore.name = /keymanager/testkeys TransportListener.ssl.truststore.type = jceks TransportListener.tcp.port = 3801 bG EKM tTD~D>},|_P8r;,\?bDyP\?bu?#VeDu?k OfZ;v>}tTD~;,# Admin.ssl.keystore.name = /keymanager/adminkeys.jceks Admin.ssl.keystore.
=< B. S\\?\mwdCtTD~ S\\?\mwh*=vdCtTD~:;vCZS\\?\mw~qw,;vCZ CLI M'z#?vD~d CtTD~# S\\?\mw~qwdCtTD~ TBS\\?\mw~qwdCD~(KeyManagerConfig.properties)|,K;Wj{ DtT#D~PDtThC)%^X#D~PI\vV"M#*kmS;v"M,k 9C;PDZ;PPD :#;# ":T KeyManagerConfig.properties D~yvD^DI\ZXUD1rPy*'#rK k7#Z`-dCtT0;PKPS\\?\mw~qw#*XUS\\?\m
Admin.ssl.keystore.type = value y9CD\?b`M# Xh I!# 1!5 jceks Admin.ssl.protocols = value 2+-i# Xh I!# 5 SSL_TLS | SSL | TLS 1!5 SSL_TLS Admin.ssl.timeout = value h(WSVZSzWSV1d,vl#.0H}D1d# Xh I!# 5 kh(VS}#0 b6E;P,1 1!5 1 Admin.ssl.truststore.name = value bG}]bD~D{F,C}]bD~CZli~qwr2+WSVM'za )D2+WSV~qw$iDEC# Xh I!#vCZ sync |n#1!hC* config.keystore.file tTD5# Admin.ssl.truststore.type = value y9CD\?b`M# Xh I!# 1!5 jceks Audit.event.outcome = value vG<8(a{PzIDsFB~ Xh G# 5 I& | '\#I8(=_,"h*
1!5 +? Audit.handler.file.directory = ../audit +fE Audit.handler.file.name D?< Xh I!#(i# Audit.handler.file.multithreads = value 8(sF&mLrGq&+%@D_LVIxxLsFG<# Xh I!# 5 true | false 1!5 true Audit.handler.file.name = kms_audit.log +G
config.keygroup.xml.file = value 8(4\?if"wvp{D XML D~D{F# Xh I!# config.keystore.file = value 8(*9CD\?b# Xh G# config.keystore.password = password CJ config.keystore.file D\k#Z8(\k1,CtTD5TZd{2+TG HO#}D,tTD~PDZ{F>m+;|{* 0config.keystore.password.obfuscated1DBZf;# Xh I!#g{4a),+ZS\\?\mwUt/1xv;va ># config.keystore.provider = IBMJCE Xh I!# config.keystore.type = jceks Xh I!#(i# 1!5 jceks debug = value tC8(S\\?\mwi~DwT# Xh I!# 5 +? | sF | ~qw | I}/ | config | admin | +d | _| \?b | XF( | ^#IIC`vI:E
fips = value *nE"&mj<#PX|`E",kNDZ 2 BD0*nE"&mj< 140-2 "bBn1# Xh I!# 5 r* | XU 1!5 XU maximum.threads = 200 S\\?\mwI4(Dns_L}# Xh I!# Server.authMechanism = value 8(+CZ>X/6LM'zDO$zF#15hC* EKM 1,CLI M'zC' Xk9C usr/passwd w* EKMAdmin/changeME 4G<=~qw#(I9C chgpasswd |n|DC\k# )158(* LocalOS 1,+jIT>XYw53 "amDM'zO$# (|D KeyManagerConfig.properties D~.0,kqXX US\\?\mw~qw# )CLI M'zC'Xk9C OS usr/passwd G<=~ qw#TZyZ Linux 1. S http://support.dell.
symmetricKeySet = {GroupID | keyAliasList [, keyAliasList,]} 8(*CZ LTO 4 M LTO 5 ExzDTF\?p{M\?i# Xh I!#vJCZ LTO 4 M LTO 5 P=Ex# 5 * GroupID 8(;v5,r* keyAliasList 8(;vr`v 5# GroupID 8(*9ITF\?PmD\?i{F,"Z;P* Exz8(p{1d11!{F#GroupID Xkk KeyGroups.xml D~PDVP\?ij6%d#g{;%d,G 4+5X KeyManageException#g{8(K`v GroupID,G 4+5X KeyManagerException#1z8(P'D GroupID 1,+zY\?i XML P9CDO;v\?,"Z?NST F\?iPmD KeyGroups.xml wC getKey 1fz!q9C B;v\?#keyAliasList D?vf6|, keyAlias r keyAliasRange D5# keyAlias 8(n` 12 vV{D Backus-Naur
Xh I!# 5 T!1*%;8(# 1!5 24 sync.type = value 8(*4PT/,=D}]# Xh I!# 5 config | drivetab | +? 1!5 drivetab TransportListener.ssl.ciphersuites = JSSE_ALL CZZS\\?\mw~qw.dxP(ED\kW~#\kW~hvKCZ }]+dD\kc("UV-i+dc2+T(TLS)M2+WSVc (SSL) # Xh I!# 5 5 – IBMJSSE2 'VDyP\kW~# TransportListener.ssl.clientauthentication = 0 ZS\\?\mw~qw.dxP(Eyh*D SSL O$# Xh I!# 5 0 - ^M'zO$(1!) 1 - ~qwh*TM'z4PM'zO$ 2 - ~qwXkTM'z4PM'zO$ TransportListener.ssl.keystore.name = value S\\?\mw~qwCZ#f2+WSV~qwD$iM(C\?D}]b {F#C$ia)x2+W
TransportListener.ssl.protocols = SSL_TLS 2+-i Xh I!# 5 SSL_TLS(1!5)| SSL | TLS TransportListener.ssl.timeout = 10 8(Z*z SocketTimeoutException .0WSVH= read() D1d# Xh I!# 5 kh(VS}# 1!5 1 TransportListener.ssl.truststore.name = value CZi$d{M'zM~qwD+C\?M){$iD}]bD{F#g{ TransportListener.ssl.clientauthentication tT4hC*1!5 0(^M'zO$), G4d12+WSV~qwDS\\?\mw~qwXk9CKD~O$M' z#S\\?\mwM'z99CCEN\?bkS\\?\mw~qwT 0,"d12+WSVM'z# Xh G# TransportListener.ssl.truststore.
(KeyManagerConfig.properties)PD TransportListener.ssl.ciphersuites 8(D5`%d# TransportListener.ssl.host = value 7(S\\?\mw CLI M'zDS\\?\mw~qw# Xh I!# 5 IP X7rwz{ 1!5 >Xwz >} TransportListener.ssl.host = 9.24.136.444 TransportListener.ssl.host = ekmsvr02 ":;Z KeyManagerConfig.properties D~P9C# TransportListener.ssl.keystore.name = value S\\?\mwM'z99CC\?bkS\\?\mw~qwT0,"d1 2+WSVM'z# Xh G# TransportListener.ssl.keystore.type = jceks \?bD`M# Xh I!#(i# 1!5 jceks TransportListener.ssl.
B-10 Dell S\\?\mwC'8O
=< C. #{Jbbp GqITiO9CyZ&CLrD\?\mM53\mDS\rb\mDS\? ;\#19C&CLr\mDS\1,S\ZbcOG8wD#,y,19Cb\ mDS\1,K}LZd{cOG8wD#S\\m=(.dG%bD#TZ b\ mDS\,^h|D&CLr# XkZ?vI\zIExS\rb\ksD53O20MKPS\\?\mwp? (}b\mDS\,zIExz4kksD53^hGKPS\\?\mwD5 3#Kb,S\\?\mwD5}^hZCJS\ExzD?v53OKP# g{R|,K0drive.acceptUnknownDrives = True1N},GqTh*ZdCD~ P|,0config.drivetable.file.url = FILE:/filename1N}? Xk
C-2 Dell S\\?\mwC'8O
yw Lj >DP9CDLj:Dell"Dell UjM PowerVault yGtZ Dell Inc. DLj#Microsoft M Windows G Microsoft Corporation D"aLj#Z>D5PI\99CKd{Lj ML7{F48yw5PCjGk{FD5erdz7#Dell Inc.
D-2 Dell S\\?\mwC'8O
Jcm >Jcm(eK>vfoMd{`XvfoP9C DXbuo"u4MWV8u4J# A 2B3 AES: _6S\j<#@z~.ICw*S\j
E-2 Dell S\\?\mwC'8O
w} 20MdC dCtT [J] [A] S\ 4-1 20(install)Linux(Intel) 3-1 TFS\ 1-5 GTFS\ 1-5 +C\? f. X8(m~) b\m 1-5 \? 1-5 Windows [C] vfo *z(online) t/ 1-5 |nPgf t/MXU x Windows x 4(\?b S\\?\mw GUI f. 2-1 S\\?\mw(fDms(reported error) 6-5 E-1 EL}/w,\'V 2-2 ms(errors) S\\?\mw(fD S\(encryption) S\\?\mw(fDms(reported error) 6-5 bvJb S\(with encryption) 6-5 [K] wT b\mExS\ 1-5 B-4 [M] [F] ~qw(server) dC(configurations) 2-7 kd{~qw,= 4-2 [G] |D\?bX\(changing keystore passwords) 3-11 2mEx 2-9 \m 5-1 f.
*}](metadata) [W] Jb7( W 8-1 6-1 Windows *liDD~ 6-1 Jb,7(Mbv(problems, determining and resolving) S\(with encryption) 6-5 [Z] f. 2-8 wz IP X7 X XML *}]D~(XML metadata 3-8 (C/+C\? file) 2-9 {" XkZ config D~P8( SSL KZE 6-12 XkZ config D~P8( TCP KZE 6-12 ;\'VDYw 6-14 49NN}]5V,= 6-10 48(dCD~ 6-8 ^(0k+d\?b 6-14 ^(0k\?b 6-14 ^(0k admin \?b 6-13 8(DsFU>D~vIA 6-13 sync '\ 6-13 {"(messages) 6-7 ~qw4\t/(Server failed to start) 6-12 dCD~P SSL KZE^'(Invalid SSL port number in config file) 6-11 dCD~P TCP
