![]() Note that the following parameters are not references to NetBackup entities but, rather, are ECA entities which would be provided to the NetBackup administrators by whomever administers their ECA: Nbkmscmd -precheckKMSConfig -kmsServerName -port -certPath -privateKeyPath -trustStorePath ![]() Go to the NetBackup master server and execute following command: Once the user is created, the credentials (private key, certificate and trust store/CA certificate that are saved in previous step) can be used to pre-check the communication with the external KMS. If you want NetBackup to be able to create keys, then a user with permission Key Users generally can both list and create keys.ĥ. Make sure the user has sufficient permission to read keys at the minimum. In this example, the Key Users permissions are being granted. Click on the user that was created and assign the required permissions. Go to Users page and create a new user that matches the common name in the certificate that was created in Step 1:Ĥ. Open Gemalto web UI and log in with Administrative credentialsģ.Get a certificate from the external CA and save private key, certificate and trust store for later use.Perform the following steps if external CA certificates are being used in the environment: Scenario 1: External KMS is using external CA certificates. So there are two possible scenarios, either using an external CA or using a local CA for certificates. NetBackup only supports certificate-based trust setup. ![]() Phase 1: Setting up trust between the External KMS server and NetBackup. To use an External KMS server with NetBackup 8.3 or above, the configuration needs to be performed in two phases. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |