KeySafe 5 Service Deployment

The KeySafe 5 Service Deployment installs KeySafe 5 (REST APIs and User Interface) as a service running on a Unix or a Windows machine.

KeySafe 5 Agent’s may then be configured to connect to the KeySafe 5 server running on that machine, and optionally, you may configure external access to the REST APIs and WebUI via the KeySafe 5 Server configuration file.

Example KeySafe 5 Service deployment:

keysafe5 service deployment

  • To expose the KeySafe 5 WebUI and REST APIs externally from the KeySafe 5 server machine, you must configure the KeySafe 5 Server host and port, and configure any firewalls to allow inbound TCP traffic to the KeySafe 5 server on the configured port (18080 by default).

  • To allow KeySafe 5 Agents installed on either a network-attached HSM or on a nShield host machine to communicate with the KeySafe 5 Service Deployment, you must allow inbound TCP traffic to the KeySafe 5 server on the configured agent communications port (18084 by default).

  • KeySafe 5 Agents are required on nShield host machine’s if you want to use KeySafe 5 to manage a HSM or Security World that is local to that machine.