Install and configure Entrust KeyControl

A two-node cluster was deployed for this integration.

KeyControl can be deployed on AHV using the ISO image. The ISO image is available at Software Downloads. Installation instructions are available at ISO Installation

Upload the KeyControl ISO in AHV

For reference, see Create a VM in the Nutanix online documentation.

  1. Log into the Nutanix Prism Element web UI.

  2. Select the Settings control on the top tool bar.

  3. In the left menu, select Image Configuration.

    upload ahv 1

  4. Select Upload Image.

  5. Enter Create Image information:

    • For Name, enter a unique name. For example, ISO-Entrust-KeyControl-10.1.1.

    • For Image Type, select ISO.

    • For Storage Container, select the required container.

    • Select Upload a file, browse to the ISO file and select it for use.

    upload ahv 2

  6. Select Save.

  7. On the Image Configuration page, confirm that the image is ACTIVE.

    upload ahv 3

For reference, see Configuring Images in the Nutanix online documentation.

Deploy an KeyControl node on AHV

  1. Log in to the Nutanix Prism Element webUI.

  2. Select VM from the pull-down menu on the top tool bar.

    deploy ahv 1

  3. Select the Table tab.

  4. Select Create VM.

  5. Under General Configuration information:

    • For Name, enter a unique name for the VM.

    • For Timezone, select your timezone.

    • Clear Use this VM as an agent VM.

    deploy ahv 2

  6. Under Compute Details information:

    • For vCPUs, enter 2.

    • For Memory, select 8.

    deploy ahv 3

  7. Under Boot Configuration information:

    • Select Legacy BIOS.

    • Under Disks, select the edit button for the CD-ROM entry.

  8. In the Update Disk dialog:

    • For Operation, select Clone from Image Service.

    • For Bus Type, select SATA.

    • For Image, enter the ISO file name.

  9. Select Update.

    deploy ahv 4

  10. Select Add New Disk.

  11. In the Add Disk dialog:

    • For Operation, select Allocate on Storage Container.

    • For Bus Type, select SCSI.

    • For Storage Container, select the required service container.

    • For Size, select 200.

    • For Index, select Next Available.

  12. Select Add.

    deploy ahv 5

  13. Under Network Adapters (NIC), select Add New NIC.

  14. In the Create NIC dialog, select your Subnet Name and select Add.

    deploy ahv 6

  15. At the bottom of the Create VM dialog, select Save to save the VM.

  16. On the VM page, confirm that the VM is created.

    deploy ahv 8

  17. Select Power on to start the VM.

  18. Repeat all steps to create a second node.

Join the two KeyControl nodes to form a cluster.

Join the two KeyControl nodes in a high availability cluster following the instructions Installing a New KeyControl Vault Cluster Additional information can be found at Entrust Documentation (search for the KeyControl).

Create an KeyControl vault

  1. Sign in to the KeyControl Appliance Manager.

  2. In the Appliance Management home page select Vault Management.

    create keycontrol vault 1

  3. In the Vault Management home page, select Create Vault. The Create Vault dialog appears.

    create keycontrol vault 2

  4. In the Type drop-down box, select KMIP. Enter the required information, then select Create Vault.

    create keycontrol vault 3

  5. Bookmark the following URL and save the credentials. You will receive an email with the above information if the SMTP was set.

    create keycontrol vault 4

  6. Sign in to the URL provided above with the temporary password. Change the initial password when prompted. Sign in again to verify.

    create keycontrol vault 5

  7. Notice the new vault.

    create keycontrol vault 6