Checking the compatibility of KMS vendor with NetBackup
Check the compatibility of the KMS vendor with NetBackup for successful configuration of KMS in your environment.
See Configuring KMS credentials.
See Configuring KMS.
To check the compatibility of KMS vendor with NetBackup
- Ensure that you to have the administrative privileges or the permissions from the KMS administrator to perform KMIP compatibility operations on the KMS.
- Run the following command:
nbkmiputil -ekmsCheckCompat|-ecc -extended -kmsServer kms_server_name -port port -certPath cert_path -privateKeyPath private_key_path -truststorepath trust_store_path
The -ekmsCheckCompat command option is useful when the KMS vendor is not listed as a supported KMS vendor in the NetBackup hardware compatibility list and you want to verify the compatibility of the vendor with NetBackup.
The command checks for issues related to execution of the KMIP operation on the given KMS sever and the supported KMIP protocol versions.
The following validations and tasks are carried out when you run the command:
Checking KMIP version compatibility
Fetching server details
Validating KMIP operation
Creating keys
Deactivating keys
Compromising keys
Fetching active keys by key groups
Fetching NetBackup keys by key IDs
Setting key attributes
Fetching NetBackup keys based on attributes
Retrieving attributes that are set for a key from the server and verifying them
Destroying keys that were created by this command option
- If a check fails, contact Cohesity Technical Support.
- If the check passes, contact Cohesity Technical Support to add this KMS vendor in the NetBackup hardware compatibility list.