Item | Requirements |
---|---|
Protocols | KMIP v1.0, v1.1, v1.2, v1.3, v1.4 |
Products | Thales/Gemalto: CipherTrust Manager k170v/k470v/k470/k570 |
Certificates | To connect to the KMIP server, you must upload the following certificates to the storage system:
Contact the KMS administrator for information about these certificates. The client certificate must be converted to PKCS#12 format. In addition, client certificates before converting to PKCS#12 format must be signed by the Certificate Authority of the KMS. Please pay attention to the expiration date when preparing the certificate. When the certificate expires, you will not be able to connect to the KMS. |
SSL/TLS communication | For SSL/TLS communication and certificate requirements between the storage system and the KMS, see the System Administrator Guide. |
Number of KMSs | Up to two other KMSs can be registered. If two KMSs are registered, they must be clustered together. It is recommended to register two KMSs. |