Edit Encryption Environmental Settings window

Items to be configured in the Edit Encryption Environmental Settings window can be changed under the following conditions:

When the key management server is not in use
When local key generation is disabled
When the key encryption key for the key management server is stored on the storage system.

Item	Description
Key Management Server	Select whether to use the key management server: Enable: (default) key management server is used Disable: key management server is not used
Server Setting	When you use the key management server, the following items display: Primary server Secondary server Server Configuration test
Primary Server	Specify the primary server information. Host Name: Enter the host name of the key management server. Identifier: Enter the host identifier. IPv4: Enter the host IPv4 address. IPv6: Enter the host IPv6 address. Port number: Enter the port number of the key management server. Values: 1 to 65535. Default: 5696. Timeout (sec.): Enter the time until the connection attempt to the key management server times out. Values: 1 to 999. Default: 60. Retry Interval (sec.): Enter the interval to retry the connection to the key management server. Values: 1 to 60. Default: 1. Number of Retries: Enter the number of times to retry the connection to the key management server. Values: 1 to 50. Default: 3. Client Certificate File Name: Select the client certificate file for connecting to the key management server. Click Browse and select the file. Browse: Select the client certificate file. The form of the client certificate is PKCS#12. For information about the client certificate file, contact the server or network administrator. The file name appears in the Client Certificate File Name field. Password: Enter the password for the client certificate. Character limits: 0 to 128. Valid characters: Numbers (0 to 9) Upper case: (A-Z) Lower case: (a-z) Symbols: ! # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { \| } ~ Root Certificate File Name: Select the root certificate file for connecting to the key management server. Click Browse and select the file. Browse: Select the root certificate file. The form of the client certificate is X.509. If you do not know about the root certificate file, contact the server administrator or the network administrator. The name of the selected file appears in the Root Certificate File Name field.
Secondary Server	When the secondary server is set to Enable, the same items can be set as the items of the primary server.
Server Configuration Test	Select Check to start a server connection test for the key management server based on the specified settings.
Check	Start a server connection test for the key management server based on the specified settings
Result	Shows the result of the server connection test for the key management server
Generate Encryption Keys on Key Management Server	Checks when encryption keys are created on a key management server
Protect the Key Encryption Key at the Key Management Server	Specifies when key encryption keys are saved on key management servers. If Warning is displayed, confirm the content of the warning, and select I Agree.
Disable local key generation	Checks when encryption keys are saved on key management servers and encryption keys cannot be created on the storage system. If Warning is displayed, confirm the content of the warning, and select I Agree. Caution: If you finish the setting, you cannot restore the setting, so it is recommended that you confirm there are no problems before selecting I Agree.
Initialize Encryption Environmental Settings	Select to initialize the encryption environmental settings