Installation Manual

ManualsBrandsHP ManualsComputers & AccessoriesHigh-End HP ProLiant DL360P G8 Server 2 x 2.90Ghz E5-2690 8C 192GB 8x Caddies (Certified Refurbished)

271

272

273

274

275

276

277

278

279

280

2. Enter the following information:

• Primary Key Server—The primary key server hostname, IP address, or FQDN and

port. This string can be up to 79 characters long.

• Secondary Key Server—The secondary key server hostname, IP address, or FQDN

and port. This string can be up to 79 characters long.

3. Optional: For configurations with a primary and secondary key server, select the Require

Redundancy check box to check for server redundancy.

Hewlett Packard Enterprise recommends enabling this option. When this option is disabled,

iLO will not verify that encryption keys are copied to both of the configured key servers.

4. Click Apply.

Adding key manager configuration details

1. Navigate to the Administration→Key Manager page.

The listed iLO Account on ESKM account name is ilo-<iLO MAC address>. The account

name is read-only and is used when iLO communicates with the ESKM.

2. Enter the following information in the Key Manager Configuration section:

• Group—The Local Group created on the ESKM for use with iLO user accounts and the

keys iLO imports into the ESKM. When keys are imported, they are automatically

accessible to all devices assigned to the same group.

• ESKM Local CA Certificate Name (optional)—To ensure that iLO is communicating

with a trusted ESKM server, enter the name of the local certificate authority certificate

in ESKM. It is typically named Local CA and is listed in ESKM under Local CAs. iLO

will retrieve the certificate and use it to authenticate the ESKM servers for all future

transactions.

• Login Name—The Local User name with administrator permissions that is configured

on the ESKM. This user name is the ESKM deployment user.

The deployment user account must be created before you add key manager configuration

details in iLO.

• Password—The password for the Local User name with administrator permissions that

is configured on the ESKM.

3. Click Update ESKM.

iLO verifies that an account named ilo-<iLO MAC address> exists on the ESKM.

If the account exists, iLO verifies that the account password is correct. iLO generates this

password automatically.

If the password is incorrect, iLO updates the password. The password might be incorrect if

iLO was restored to the factory default settings.

If the account does not exist, iLO creates it.

If iLO is not a member of an ESKM Local Group, it will try to create a group with the requested

name. If iLO is already a member of an ESKM Local Group, it will ignore the group entered

in Step 2, and will use the existing group assignment that is present on the ESKM. Attempted

group changes in iLO do not affect current key group permissions that are set on the ESKM.

If a new group assignment is needed, update the ESKM before updating the iLO settings.

If you entered the ESKM Local CA Certificate Name in Step 2, certificate information is

listed in the Imported Certificate Details section of the ESKM page.

See the Secure Encryption installation and user guide for more information about groups and

their use with key management.

272 Using iLO with other software products and tools