
Dpm key vault high availability deployment – Brocade Fabric OS Encryption Administrator’s Guide Supporting RSA Data Protection Manager (DPM) Environments (Supporting Fabric OS v7.2.0) User Manual


53-1002922-01

Steps for connecting to a DPM appliance


Registration File: This file is created as /etc/fabos/certs/sw0/DpmReg_. The
registration file contains the current registration status of the client. A sample registration file
before successful registration with the DPM server is provided.

client.registration_state = 0
client.actmgmt_enable = 0
client.app_name = B10_00_00_05_1e_53_89_eb
client.actmgmt_poll_interval = 0

During a successful key vault connection and client registration, the registration file is updated
with the information provided by the DPM server. A sample registration file showing successful
registration with the DPM server is provided.

client.actmgmt_enable = 0
client.policy_signature =
jGvUbFqw4iw64YB0MHrSbMeaVN9hd7EXFFQkUFMxd71kUd0NWSjl/pJO5mt4quppYdsvllgyXg
e8NdTbvsOGdtDGJxjpvRjQyi4YqWm/kzLiFlwRGMKcf2kkhDMdW3Is+cvUBmLJNiPkNCJ7xAYV
aJ2tpWiQ/mBJfrTw7uuCcZY=
client.rkm_svr_public_key =
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1Q73enodAh4FOY3YobU7d+DO6LZynnzbmYQ
Sztn+JzxuuvUgzakKtKJO5FD+nWnDpcz9dd8ZHY7Gq2IMQBl5GL8Sjw6eGOklw7qG5Lojlcuiz
XJ6hBk7sp1fEw1PRHb5v219IqoplAVB8masw+eYb9T0gssQQRepTGrmqzCCAXQIDAQAB
client.app_id =
0eeef136-f84b-4cd8-9d1a-1c5cdf86bd12-db26194e-9883-4aa6-8d62-ca98420fd016
client.policy_name = DEFAULT_POLICY
client.applicationpolicy = 000102030405060708091011
client.app_name = B10_00_00_05_1e_53_89_eb
client.registration_state = 3

When the registration process is completed successfully, the registration state will be 3. If the
state is 0, registration is in progress.
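
The registration states described above can be checked from a copy of the registration file. The following Python sketch is an added example, not code from the Brocade guide or from Fabric OS. It assumes the file uses the "client.key = value" layout of the samples, with long values wrapped onto following lines, and that a registered file carries the server-supplied fields seen in the second sample. The function names and the sample values are constructed for illustration.

```python
import base64
import binascii

# Fields seen only in the page's post-registration sample (assumed required).
SERVER_FIELDS = ("client.policy_signature", "client.rkm_svr_public_key",
                 "client.app_id", "client.policy_name")
BASE64_FIELDS = SERVER_FIELDS[:2]

# Constructed sample with placeholder values, laid out like the page's sample.
SAMPLE_REGISTERED = """\
client.policy_signature =
QUJDREVGR0hJSktM
TU5PUFFS
client.rkm_svr_public_key =
QUJDREVGR0hJSktM
client.app_id = 00000000-0000-0000-0000-000000000000
client.policy_name = DEFAULT_POLICY
client.registration_state = 3
"""


def parse_registration(text):
    """Parse 'client.key = value' lines; other lines continue the previous value."""
    fields, key = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        name, sep, value = line.partition(" =")
        if sep and name.startswith("client."):
            key, fields[name] = name, value.strip()
        elif line and key is not None:
            fields[key] += line  # wrapped value, e.g. a long base64 string
    return fields


def check_registration(text):
    """Return (registered, problems) for the contents of one registration file."""
    fields, problems = parse_registration(text), []
    state = fields.get("client.registration_state")
    if state == "0":
        problems.append("registration in progress (state 0)")
    elif state != "3":
        problems.append(f"unexpected registration_state: {state!r}")
    else:
        problems += [f"state 3 but {n} is empty or missing"
                     for n in SERVER_FIELDS if not fields.get(n)]
    for name in BASE64_FIELDS:
        try:
            base64.b64decode(fields.get(name, ""), validate=True)
        except (binascii.Error, ValueError):
            problems.append(f"{name} is not valid base64")
    return state == "3" and not problems, problems
```

A state other than 0 or 3 is reported as unexpected because the guide defines only those two values.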

DPM key vault high availability deployment

When dual DPM appliances are used for high availability, the DPM appliances must be clustered
and must operate in maximum availability mode, as described in the DPM appliance user
documentation.

When dual DPM appliances are clustered, they are accessed using an IP load balancer. For a
complete high-availability deployment, the multiple IP load balancers are clustered, and the IP load
balancer cluster exposes a virtual IP address called a floating IP address. The floating IP address
must be registered on the Fabric OS encryption group leader using the
cryptocfg --reg -keyvault command.

Neither the secondary DPM appliance nor individual DPM appliance IP addresses should be
registered. The command to register a secondary DPM appliance is blocked, beginning with
Fabric OS 6.3.0.