Configuring the user account lockout settings, Clustering procedures, Creating a cluster – HP Secure Key Manager User Manual

6.

Use the Username Field in Client Certificate field to specify which field in the client certificate must

contain a valid username. This setting is optional.

7.

Select Require Client Certificate to Contain Source IP to specify that the client certificate must contain

the client’s IP address in the subjectAltName field. This setting is optional.

8.

Click Save.

Configuring the user account lockout settings

To configure the user account lockout settings:

1.

Log in to the Management Console as an administrator with KMS Server access control.

2.

Navigate to the User Account Lockout Settings section of the KMS Server Configuration page (Device

> KMS Server > KMS Server).

3.

Click Edit.

4.

Select Enable Account Lockout to prevent a user from logging in to the server for a given duration

after a specified number of failed login attempts.

5.

Enter a value in the Number of Failed Authentication Attempts Before Account Lockout field.

6.

Enter a value in the Account Lockout Duration field. This is the period of time during which the

account is not available during lockout.

7.

Click Save.

Clustering procedures

Creating a cluster

You create a cluster on one SKM and then join other members to that cluster. To create a cluster:

1.

Select an SKM to be the first cluster member. This device cannot currently be a member of a cluster.

2.

Log in to the Management Console as an administrator with Cluster access control.

3.

Navigate to the Create Cluster section on the Cluster Configuration page (Device > Cluster).

4.

Enter the Local IP, Local Port, and Cluster Password.

5.

Click Create Cluster.

Joining a cluster

Before joining a cluster, make sure that the KMS Server does not already belong to another cluster. SKMs

can belong to only one cluster at a time. To join a cluster:

1.

Log in to the Management Console of a current cluster member as an administrator with Cluster

access control.

2.

Navigate to the Cluster Settings section of the Cluster Configuration page (Device > Cluster).

3.

Click Download Cluster Key to save the key on your local file system. The cluster key contains

authentication information used when passing information between cluster members.

4.

Log in to the SKM that you want to add to the cluster and navigate to Join Cluster section on the

Cluster Configuration page. Enter the Local IP, Local Port, Cluster Member IP, Cluster Member Port,

and Cluster Password. Enter the location of the cluster key in the Cluster Key field.

Secure Key Manager

59