Filter
Top Products
Chapter 11 System Management
11.2 Functions in the Action Area for System
ETERNUS Web GUI User’s Guide
Copyright 2013 FUJITSU LIMITED P2X0-1090-10ENZ0
836
3 Click the [OK] button.
→ Setting of the key management device name starts.
4 Click the [Done] button to return to the [Key Management] screen.
End of procedure
11.2.6.3 Add Key Server
This function adds a key server.
A key server is an external server that manages the key. By using the key server to obtain and update the key
via SSL to establish secure communication with the ETERNUS DX Disk storage system, an environment in
which the key can be managed more safely can be created. Up to two key servers can be registered.
For the key server, use a server in which "ETERNUS SF KM" (key management software that applies the Key
Management Interoperability Protocol (KMIP)), is installed. Note that "IBM Tivoli Key Lifecycle Manager" is
also available as the key management software.
The procedure to add a key server is as follows:
Procedure
1 Click [Add Key Server] in [Action].
If the entered "Key Management Machine Name" does not satisfy the input conditions, an error screen
appears.
• The key server cannot be added when the common key (*1) is not registered. Refer to "11.2.13.7 Register
SED Authentication Key" (page 944) for details.
*1: The common key for SEDs that are managed in the ETERNUS DX Disk storage system.
• By using a key server to manage the key, the ETERNUS DX Disk storage system can obtain the key from
the key server when required. For example, the key is obtained when RAID groups are added to the key
group or when maintenance is performed for SEDs that configure a RAID group in the key group. Make
sure that communication is always maintained between the ETERNUS DX Disk storage system and the key
server. To obtain the key from a key server, the key server must respond to the ETERNUS DX Disk storage
system within 30 seconds. Do not use the key server function in an environment in which a network
timeout may occur.