Manualshelf

HP StoreEver 1/8 G2 Tape Autoloader and MSL Tape Libraries User and Service Guide Addendum (AK378-96068, September 2013)

ManualsBrandsHP ManualsStorageHP StoreEver MSL2024 1 LTO-6 Ultrium 6250 SAS Library w/24 LTO-6 Media/TVlite
12345678910
4. Enter the request information and then click Sign Request.
Sign with Certificate Authority Verify that the desired Certificate Authority is selected.
Certificate Purpose Select Client.
Certificate Duration (days) Enter the desired duration.
Certificate Request Paste the certificate request obtained from the autoloader or library
RMI. See “Generating the client certificate request (page 8).
The result will be the signed client certificate, which will be used in “Installing the signed client
certificate (page 9).
Installing the signed client certificate
Install the client certificate in the Configuration: Security page.
1. Using a text editor, copy the contents of the signed certificate and paste it into the Signed
Certificate field. Include all of the certificate text, including the ---BEGIN CERTIFICATE---
and ---END CERTIFICATE---.
2. Click Upload.
Once the autoloader or library has validated the signed certificate, it will display the Apply
New Certificate Settings button.
3. Click Apply New Certificate Settings to save the settings.
Configuring access to the key servers
Configure the KMIP servers in the KMIP Server Configuration pane of the Configuration: Security
page. You can configure a cluster of up to six KMIP servers. The autoloader or library will
automatically use a different configured KMIP server if a connection fails.
Enter the hostname or IPv4 address of a KMIP server in the Server X IP/Hostname field. The Port
must be 5696 unless the KMIP server is already configured to use a different port. Click Submit
Query.
Enabling KMIP-based encryption
Enable KMIP-based encryption from the KMIP Encryption Configuration pane of the Configuration:
Security page. If the library is partitioned into multiple logical libraries, encryption can be enabled
for one or more logical libraries or partitions.
Verifying that the KMIP integration feature is working
HP recommends verifying that the encryption process is working before placing the autoloader or
library into a production environment. This is often called an end-to-end verification test. The
following steps describe how an end-to-end verification test can be conducted.
Connectivity test: Verifies that the autoloader or library can connect with each of the configured
key servers. See “Connectivity test (page 10).
Configuring the KMIP feature 9