Install and configure Entrust KeyControl

The following steps summarize the deployment of the Entrust KeyControl in cluster mode in Nutanix:

A two-node cluster was deployed for this integration. Refer to the following link for Online Documentation Set.

KeyControl can be deployed on AHV using the ISO image. The ISO image is available at Software Downloads. Installation instructions are available at ISO Installation

Upload the Entrust KeyControl ISO in AHV

  1. Log into the Nutanix Prism Element web UI.

  2. Select the Settings control on the top tool bar.

  3. In the left menu, select Image Configuration. The Image Configuration page appears. For example:

    upload ahv 1
  4. Select Upload Image. The Create Image dialog appears.

  5. Enter Create Image information:

    • For Name, enter a unique name. For example, ISO-Entrust-KeyControl-10.1.1.

    • For Image Type, select ISO.

    • For Storage Container, select the required container.

    • Select Upload a file, browse to the ISO file and select it for use.

    For example:

    upload ahv 2
  6. Select Save.

  7. On the Image Configuration page, confirm that the image is ACTIVE. For example:

    upload ahv 3

For reference, see Configuring Images in the Nutanix online documentation.

Deploy an Entrust KeyControl node on AHV

  1. Log into the Nutanix Prism Element web UI.

  2. Select VM from the pull-down menu on the top tool bar. The VM page appears. For example:

    deploy ahv 1
  3. Select the Table tab.

  4. Select Create VM. The Create VM dialog appears.

  5. Under General Configuration information:

    • For Name, enter a unique name for the VM.

    • For Timezone, select your timezone.

    • Clear Use this VM as an agent VM.

    For example:

    deploy ahv 2
  6. Under Compute Details information:

    • For vCPUs, enter 2.

    • For Memory, select 60.

    For example:

    deploy ahv 3
  7. Under Boot Configuration information:

    • Select Legacy BIOS.

    • Under Disks, select the edit button for the CD-ROM entry. The Update Disk dialog appears.

    • In the Update Disk dialog:

      • For Operation, select Clone from Image Service.

      • For Bus Type, select SATA.

      • For Image, enter the ISO file name.

      • Select Update.

      For example:

      deploy ahv 4
    • Select Add New Disk. The Add Disk dialog appears.

    • In the Add Disk dialog:

      • For Operation, select Allocate on Storage Container.

      • For Bus Type, select SCSI.

      • For Storage Container, select the required service container.

      • For Size, select 200.

      • For Index, select Next Available.

      • Select Add.

      For example:

      deploy ahv 5
  8. Under Network Adapters (NIC), select Add New NIC. The Create NIC dialog appears.

  9. In the Create NIC dialog, select your Subnet Name and select Add. For example:

    deploy ahv 6
  10. At the bottom of the Create VM dialog, select Save to save the VM.

  11. On the VM page, confirm that the VM is created. For example:

    deploy ahv 8
  12. Select Power on to start the VM.

For reference, see Create a VM in the Nutanix online documentation.

  1. Repeat the above to create a second node.

Join the two Entrust KeyControl nodes to form a cluster.

Join the two Entrust KeyControl nodes in a high availability cluster following the instructions Installing a New KeyControl Vault Cluster Additional information can be found at Entrust Dcoumentation. Search for the KeyControl.

Create an Entrust KeyControl vault

  1. Sign in to the Entrust KeyControl Appliance Manager.

  2. In the Appliance Management home page select Vault Management.

    create keycontrol vault 1
  3. In the Vault Management home page, select Create Vault. The Create Vault dialog appears.

    create keycontrol vault 2
  4. In the Type drop-down box, select KMIP. Enter the required information. Then select Create Vault. For example:

    create keycontrol vault 3
  5. Bookmark the following URL and save the credentials. You will receive an email with the above information if the SMTP was set.

    create keycontrol vault 4
  6. Sign in to the URL provided above with the temporary password. Change the initial password when prompted. Sign in again to verify.

    create keycontrol vault 5
  7. Notice the new vault.

    create keycontrol vault 6