Installation and full-disk encryption
21Administration manual 4603.7988.02 ─ 03
●
Secure Boot enabled on UEFI-based workstations (see Chapter 3.4, "Configuring
Secure Boot (UEFI/GPT)", on page 18)
●
PKI configured for R&S Trusted Disk
– Smart card personalized for the administrator
– At least one smart card personalized for a user
– Root CA certificate available
– Administrator certificate with the filename
SecurityAdminCertificate.crt
– If you use intermediate CAs: All certificates of the chain available
●
R&S Trusted Disk installer R&S Trusted Disk Setup X.X.X-VS-NfD.msi
available
– If you use Gemalto eTokens:
R&S Trusted Disk Setup X.X.X-eToken.msi
4.3 Installing R&S Trusted Disk
Before installing R&S Trusted Disk, make sure that all CA certificates are valid (i.e. not
expired).
1. Create a folder on the workstation.
2. Transfer SecurityAdminCertificate.crt and the R&S Trusted Disk installer
to the folder.
3. In the folder, create a subfolder CACerts.
Note: To ensure a successful installation, make sure to name any files and folders
as specified.
4. Transfer all CA certificates to the subfolder CACerts.
Note: If you use intermediate CAs, transfer all CA certificates of the chain to the
subfolder CACerts.
5. Execute the R&S Trusted Disk installer.
a) CardOS smart cards:
Execute R&S Trusted Disk Setup X.X.X-VS-NfD.msi.
b) Gemalto eTokens:
In a command prompt, enter the following command:
msiexec -i “R&S Trusted Disk Setup X.X.X-eToken.msi”
PKCS11LIBRARY=c:\windows\system32\eToken.dll
Note: If you do a silent installation and do not want the workstation to restart auto-
matically, you need to add the parameter REBOOT=ReallySuppress.
6. To complete the installation, restart the workstation.
Installing R&S
Trusted Disk
To Next Page
Loading...