Install and configure Entrust KeyControl

A two-node cluster was deployed for this integration. KeyControl can be deployed on AHV using the ISO image. The ISO image is available at Software Downloads. Installation instructions are available at ISO Installation.

Upload the KeyControl ISO in AHV

For reference see the following Nutanix online documentation:

  1. Log into the Nutanix Prism Element web UI.

  2. Select the Settings control on the top tool bar.

  3. In the left menu, select Image Configuration.

    upload ahv 1

  4. Select Upload Image.

  5. In the Create Image window, enter the following: Then select Save.

    Parameter Value

    Name

    Enter a unique name.

    Image Type

    ISO

    Storage Container

    Select the required container.

    Upload a file

    Browse to the ISO file and select it.
    upload ahv 2

  6. In the Image Configuration window, confirm that the image is ACTIVE.

    upload ahv 3

Deploy an KeyControl node on AHV

For reference see VM Management in the Nutanix online documentation.

  1. Log in to the Nutanix Prism Element webUI.

  2. Select VM from the pull-down menu on the top tool bar.

    deploy ahv 1

  3. Select the Table tab.

  4. Select Create VM.

  5. In the General Configuration window, enter the following:

    Parameter Value

    Name

    Enter a unique name for the VM.

    Timezone

    Select your timezone.

    Use this VM as an agent VM

    Un-check
    deploy ahv 2

  6. In the Compute Details window, enter the following:

    Parameter Value

    vCPUs

    2 (Number of cores per vCPU =1)

    Memory

    8
    deploy ahv 3

  7. In the Boot Configuration, enter the following:

    • Select Legacy BIOS.

    • Under Disks, select the edit button for the CD-ROM entry.

  8. In the Update Disk window, enter the following. Then select Update.

    Parameter Value

    Operation

    Clone from Image Service

    Bus Type

    SATA

    Image

    Enter the image file name.
    deploy ahv 4

  9. Select Add New Disk.

  10. In the Add Disk window, enter the following. Then select Add.

    Parameter Value

    Operation

    Allocate on Storage Container

    Bus Type

    SCSI

    Storage Container

    Select the required service container.

    Size

    200

    Index

    Next Available
    deploy ahv 5

  11. Under Network Adapters (NIC), select Add New NIC.

  12. In the Create NIC window, select your Subnet Name. Then select Add.

    Select a static network as DHCP network deployment is not supported.
    deploy ahv 6

  13. At the bottom of the Create VM window, select Save.

  14. On the VM page, confirm the VM was created.

    deploy ahv 8

  15. Select Power on to start the VM.

  16. Repeat all steps to create a second Entrust KeyControl node.

Join the two KeyControl nodes to form a cluster.

Join the two KeyControl nodes in a high availability cluster following the instructions in Installing a New KeyControl Vault Cluster Additional information can be found at Entrust Documentation (search for the KeyControl).

Create a KeyControl vault

  1. Sign in to the KeyControl Appliance Manager.

  2. In the Appliance Management home page select Vault Management.

    create keycontrol vault 1

  3. In the Vault Management home page, select Create Vault. The Create Vault dialog appears.

    create keycontrol vault 2

  4. In the Type drop-down box, select KMIP. Enter the required information, then select Create Vault.

    create keycontrol vault 3

  5. Bookmark the following URL and save the credentials. You will receive an email with the above information if the SMTP was set.

    create keycontrol vault 4

  6. Sign in to the URL provided above with the temporary password. Change the initial password when prompted. Sign in again to verify.

    create keycontrol vault 5

  7. Notice the new vault.

    create keycontrol vault 6