Installing User-Provided Certificates - Quantum Scalar i6000 User Manual

Quantum Scalar i6000 User's Guide

Installing User-Provided Certificates

Follow these instructions to install your own TLS certificates, or when
installing TLS certificates for RKM or KMIP. When providing your own
certificates, it is assumed you understand the concepts of PKI and can
access the tools or third-party resources needed to generate or obtain
certificates.
Note: If you are using SKM, you must be running SKM 1.1 or higher
on your SKM servers in order to install your own TLS
certificates.
Note: If you are using RSA or KMIP, your server provider will provide
TLS communication certificates.
You need to provide the following certificates:
Encryption
System Certificates Required
Q-EKM • Root Certificate (also called the CA certificate,
SKM • Root Certificate (also called the CA certificate,
• Client Certificate
• Admin Certificate
RKM • Root Certificate (also called the CA certificate,
• Client Certificate
KMIP-compliant • Root Certificate (also called the CA certificate,
key
management
• Client Certificate
These files must be in the proper format, as follows. If any of the
following requirements is not met, none of the certificates will be
imported.
• The Root Certificate must be 2048 bits.
• The Root Certificate must be in PEM format.
Chapter 8: Encryption Key Management
Setting up EKM on the Scalar i6000
or Certificate Authority Certificate)
or Certificate Authority Certificate)
or Certificate Authority Certificate)
or Certificate Authority Certificate)
291