Set up a SafeNet KeySecure keystore

If you are using a SafeNet keystore, copy a set of libraries into the proxy distribution directory.

Before you begin

You must install and set up the SafeNet keystore before performing this step. Secure a license with Gemalto in order to download the libraries.

About this task

Note: On Linux, file paths use a forward slash.

Procedure

  1. Copy these files to <installation directory>/lib directory:
    • ingrianNAE-<version>.jar
    • ingrianlog4j-api-<version>.jar
    • ingrianlog4j-core-<version>.jar
  2. Change to the <installation directory>/conf/ directory, and open the edgeencryption.properties file.
  3. Enter the properties for the SafeNet keystore.
    An example for a SafeNet keystore using username and password authentication.
    edgeencryption.nae.retries = 3
    edgeencryption.nae.enabled = true
    edgeencryption.nae.server = url
    edgeencryption.nae.port = 9000
    edgeencryption.nae.protocol = ssl
    edgeencryption.nae.keystore.path = keystore/safenet_truststore
    edgeencryption.nae.keystore.password = password
    edgeencryption.nae.user = safenet_user
    edgeencryption.nae.password = safenet_password
    An example for a SafeNet keystore using client certificate authentication. This authentication method eliminates the need to store the SafeNet server username and password in the properties file.
    edgeencryption.nae.retries = 3
    edgeencryption.nae.enabled = true
    edgeencryption.nae.server = url
    edgeencryption.nae.port = 9000
    edgeencryption.nae.protocol = ssl
    edgeencryption.nae.keystore.path = keystore/safenet_clientcert
    edgeencryption.nae.keystore.password = password
    edgeencryption.nae.client.certificate = cert_name
  4. Add or create a key in the SafeNet keystore.
    You add the key name (alias) on the instance when you assign default keys.
  5. Save and close the edgeencryption.properties file.