Quantum Scalar i6 - Requirements for Installing User-Provided TLS Certificates

Quantum Scalar i6

44 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Installing TLS Certificates on the SKM Server for Pre-SKM 2.4 (240Q) 27

Scalar Key Manager 2.5

Note: Remember, you must repeat all preceding steps on the secondary SKM

server.

16 Proceed to Configuring Your Library For SKM on page 38.

Requirements for

Installing User-provided

TLS Certificates

When providing your own certificates, it is assumed you understand the concepts of PKI

and can access the tools or third-party resources needed to generate or obtain

certificates.

Note: You must be running SKM 1.1 or higher on your SKM servers in order to install

your own TLS certificates.

Note: If you install your own TLS certificates on the SKM server, you must also install

your own certificates on the library. Similarly, if you use the Quantum-provided

TLS certificates on the SKM server, you must also use the Quantum provided TLS

certificates on the library. Some newer libraries come with Quantum-provided

TLS certificates pre-installed, and other newer libraries require certificate

installation. See your library user’s guide for instructions on how to verify

whether TLS certificates are installed on the library and how to install them.

You need to provide the following certificates:

• Root Certificate (also called the CA certificate, or Certificate Authority Certificate)

• Server Certificate

• Admin Certificate

These files must be in the proper format, as follows. If any of the following requirements

is not met, none of the certificates will be imported.

• The Root Certificate must be 2048 bits.

• The Root Certificate must be in PEM format.

• The Admin and Server certificates must be in pkcs12 (.p12) format, with a separate

certificate and private key contained in each.

• The Admin and Server certificates must be signed by the Root Certificate.

• Certificates must have the Organization name (O) set in their Issuer and Subject info.

• The Admin certificate must have its Organizational Unit name (OU) set as

“akm_admin” in its Subject Info.

• The same Root Certificate must be installed on the SKM servers and the library.

• All the certificates must have a valid validity period according to the date and time

settings on the SKM server.

Table of Contents

Other manuals for Quantum Scalar i6

Quick Start2 pages

Related product manuals

Quantum Scalar i3

Preview: Quantum Scalar i40

Quantum Scalar i40

Quantum Scalar i80

Preview: Quantum Scalar i500

Quantum Scalar i500

Preview: Quantum Scalar i6000

Quantum Scalar i6000

Preview: Quantum Scalar i2000

Quantum Scalar i2000

Preview: Quantum Scalar 1000

Quantum Scalar 1000

Preview: Quantum LTO-8 HH SAS

Quantum LTO-8 HH SAS

Preview: Quantum LTO-9 HH SAS

Quantum LTO-9 HH SAS

Preview: Quantum Superloader 3

Quantum Superloader 3

Preview: Quantum StorNext M660

Quantum StorNext M660

Preview: Quantum DXi6701

Quantum DXi6701