Index

A  B  C  D  E  F  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  Z 

A

accessibility options, 5.6
activating software upgrades, 10.1.10.2
adding agents to a KMA
QuickStart Program, 4.4
adding gateways
OKM Console, 12.4.11
QuickStart program, 3.3.4
Adjust System Time menu, 10.1.12
Agent Assignment to Key Groups menu, 9.5.5
Agent List menu, 10.3
Agent Performance List menu, 10.3.7
agents, 1.1
Agents
assigning a Key Group to, 10.3.5
assigning to a Key Group, 9.5.5
creating, 10.3.2
deleting, 10.3.6
removing a Key Group from, 10.3.5
removing an Agent from a Key Group, 9.5.5
setting passphrases, 10.3.4
viewing an Agent list, 10.3.1
viewing or modifying agent details, 10.3.3
applying software upgrades, 10.1.10.1
approving pending quorum operations, 11.4
assigning a Key Group to a Transfer Partner, 9.7.1.3
assigning a Key Group to an Agent, 10.3.5
assigning a Transfer Partner to a Key Group, 9.5.6
assigning an Agent to a Key Group, 9.5.5
Audit Event List menu, 7.4
Audit Logs
exporting, 5.4, 7.4
viewing, 7.4
Auditor
description, 6.6.1
Autonomous Unlock option
caution, 3.5.3
Autonomous Unlock Option menu, 10.1.8.1

B

Backup command line utility
description, 13.3
IPv6 addresses with Zone IDs, 5.7.1
Backup Command Line utility
Example, 13.3.4
parameter descriptions, 13.3.3
Solaris syntax, 13.3.1
Windows syntax, 13.3.2
backup Core Security, 8.4
backup files
confirming destruction of, 8.7
creating, 8.5
restoring, 8.6
viewing details, 8.3
viewing history, 8.3
Backup List menu, 8
Backup Operator
description, 6.6.1
BIOS
configuring, F.1.10

C

CA Certificate, 14.3
cable
Ethernet, 1.7
power, 1.7
certificates
Client, 14.3
converting PKCS12 format to PEM format, 14.3.1
Root CA, 14.3
saving, 14.3
changing the passphrase, 6.1
checking the SCA 6000 card, 10.1.13
Client Certificate, 14.3
clock
adjusting the local clock, 10.1.12
cluster
description, 1.1
Cluster
connecting to, 4.2
joining an existing
QuickStart program, 3.6
logging the KMA back into, 12.4.7
Cluster profile
creating, 4.2.1
deleting, 4.2.2
command line utilities
Backup, 13.3
description, 13
IPv6 addresses with Zone IDs, 5.7.1
OKM, 13.2
Compliance Officer
description, 6.6.1
compromising keys, 9.6.2
configuration
network information, 10.1.11
configuration settings
specifying, 5.7
configuring Key Transfer Partners, 9.7.1
configuring the Cluster
QuickStart program, 3.5
confirming destruction of backup files, 8.7
connecting to the OKM, 4.2
converting certificate formats, 14.3.1
cooling requirements, 1.4
Core Security
creating a backup, 8.4
description, 8.1
Core Security Management menu, 8.1
creating a Cluster profile, 4.2.1
creating a Core Security backup, 8.4
creating a Key Transfer Public Key, 9.7.1.1
creating a KMA, 10.1.2
creating a site, 10.2.2
creating a system dump, 7.5
creating a Transfer Partner, 9.7.1.2
creating a user, 6.3
creating an Agent, 10.3.2
creating an SNMP Manager, 7.1.4
creating backup files, 8.5
creating Key Groups, 9.5.2
creating Key Policies, 9.4.2
current load
displaying, 7.3
Current Load menu, 7.3

D

Data Unit List menu, 10.4
Data Units
description, 10.4
destroying post-operational keys, 10.4.5
key details, 10.4.3
modifying details, 10.4.2
viewing, 10.4.1
viewing details, 10.4.2
viewing key counts, 10.4.6
deleting a Cluster profile, 4.2.2
deleting a KMA, 10.1.5
deleting a site, 10.2.4
deleting Agents, 10.3.6
deleting an SNMP Manager, 7.1.6
deleting gateways
OKM Console, 12.4.11
deleting Key Groups, 9.5.4
deleting Key Policies, 9.4.4
deleting pending quorum operations, 11.5
deleting users, 6.5
destroying post-operational keys, 10.4.5
disabling the Primary Administrator
OKM Console, 12.4.6, 12.4.6
disabling the technical support account
OKM Console, 12.4.4, 12.4.4
disaster recovery configuration, 1.5.3
disconnecting from the KMA, 5.1

E

Embedded Lights Out Manager (ELOM)
configuring, F.2.3
configuring the BIOS, F.1.10
launching the BIOS Setup Utility, F.2.6
upgrade overview, F.2.1
upgrading the ELOM server firmware, F.2.5
using a network connection, 3.1.3
verifying ELOM and BIOS levels, F.2.4
enabling the Primary Administrator
OKM Console, 12.4.5
enabling the Technical Support account
OKM Console, 12.4.3
QuickStart program, 3.3.2
encryption
behavior
LTO, 1.2.6.1
enablement key, T-series tape drive, 1.2.6.1
endpoints
supported, 1.2.1
enrolling tape drives
QuickStart Program, 4.4
entering initial Security Officer user credentials
QuickStart program, 3.5.2
entering Key Split Credentials
QuickStart program, 3.5.1
equipment delivery plan, 1.4
Ethernet cable, 1.7
exporting Audit Logs, 5.4, 7.4
exporting keys, 9.7.2

F

firmware requirements, 1.2.6.3

H

hardware security module
description, 1.3.3
order number, 1.7
humidity requirements, 1.4

I

Import Keys menu, 9.7.3
importing a KMS 1.0 Key Export file, 9.5.7
importing keys, 9.7.3
initializing the KMA
QuickStart program, 3.4
installing the Oracle Key Manager (OKM), 2
Integrated Lights Out Manager (ILOM)
configuring, F.1.3
configuring the BIOS, F.1.10
launching the BIOS Setup Utility, F.1.7
security hardening, F.1.8
upgrade overview, F.1.2
upgrading the ILOM 3.2 server firmware, F.1.5
verifying ILOM and BIOS levels, F.1.4
invoking the OKM Manager, 2.6
IPv6 addresses with Zone IDs, 5.7.1, 5.7.1

J

joining an existing Cluster
QuickStart program, 3.6

K

Key Export file
importing a KMS 1.0 file, 9.5.7
Key Group Assignment to Agents menu, 10.3.5
Key Group Assignment to Transfer Partners menu, 9.7.1.3
Key Group List menu, 9.5
Key Groups
assigning a Transfer Partner to, 9.5.6
assigning an Agent to, 9.5.5
assigning to an Agent, 10.3.5
assigning to Transfer Partners, 9.7.1.3
assigning Transfer Partners to, 9.5.6
creating, 9.5.2
definition, 9.5
deleting, 9.5.4
removing an Agent from, 9.5.5
removing from a Transfer Partner, 9.7.1.3
removing from an Agent, 10.3.5
removing Transfer Partners from, 9.5.6
viewing, 9.5.1
viewing Key Group assignments to Transfer Partners, 9.7.1.3
viewing or modifying details, 9.5.3
viewing Transfer Partners assigned to, 9.5.6
Key Groups menu, 9.5
Key Management Appliance (KMA)
adding gateways, 3.3.4, 12.4.11
adjusting the local clock, 10.1.12
checking the SCA 6000 card, 10.1.13
creating, 10.1.2
deleting, 10.1.5
deleting gateways, 12.4.11
disconnecting from, 5.1
keyboard and monitor attachment to the KMA, F.3
locking KMA core security, 10.1.8
locking or unlocking core security, 10.1.8
logging back into the Cluster, 12.4.7
logging into, 12.2
modifying a Key Pool size, 10.1.7
network configuration information for, 10.1.11
rebooting, 12.4.1
resetting to the factory default, 12.4.14
setting a passphrase, 10.1.4
setting the Management IP addresses, 12.4.9
setting the Service IP addresses, 12.4.10
shutting down, 12.4.2
specifying the DNS settings, 12.4.13
unlocking core security, 10.1.8
viewing, 10.1.1
viewing gateways, 3.3.4, 12.4.11
viewing or modifying details, 10.1.3
viewing SNMP Managers, 7.1.3
Key Policies
creating, 9.4.2
deleting, 9.4.4
description, 9.4
modifying, 9.4.3
viewing, 9.4.1, 9.4.3
Key Policy List menu, 9.4
Key Split Configuration menu, 11.1.1
Key Split Credentials
entering, 3.5.1
modifying, 11.1.2
viewing, 11.1.1
key states and transitions
OKM, 9.2
Key Transfer Partners
configuring, 9.7.1
feature description, 9.7
Key Transfer Public Key
creating, 9.7.1.1
viewing details, 9.7.5
viewing the list of, 9.7.5
keyboard layout
setting, 12.4.15
keys
compromising, 9.6.2
destroying post-operational keys, 10.4.5
importing from a Key Transfer file, 9.7.3
Keys
querying, 9.6.1
KMA
description, 1.3
in a cluster, 1.1
order number, 1.7
KMA performance
querying, 10.1.6
KMA Performance List menu, 10.1.6

L

labels, security, 1.4
local clock
adjusting, 10.1.12
locking KMA core security, 10.1.8
locking the KMA, 10.1.8, 10.1.8
Lock/Unlock KMA menu, 10.1.8
logging into the Key Management Appliance, 12.2
logging out of the OKM Console session, 12.4.18, 12.4.18, 12.4.18, 12.4.18
logging the KMA back into the Cluster
OKM Console, 12.4.7
LTO tape drive
requirement, 1.2.6

M

managed switches, 1.6.4
management network, 1.6.1
Master Key Provider button, 4.3
menu
Adjust System Time, 10.1.12
Agent Assignment to Key Groups, 9.5.5
Agent List, 10.3
Audit Event List, 7.4
Autonomous Unlock, 10.1.8.1
Backup List, 8
Core Security Management, 8.1
Data Unit List, 10.4
Import Keys, 9.7.3
Key Group Assignment to Agents, 10.3.5
Key Group Assignment to Transfer Partners, 9.7.1.3
Key Group List, 9.5
Key Groups, 9.5
Key Policy List, 9.4
Key Split Configuration, 11.1.1
Lock/Unlock KMA, 10.1.8
Role List, 6.6
Site List, 10.2
SNMP Manager List, 7.1
System Dump, 7.5
System Time, 10.1.12
Transfer Partner Assignment to Key Groups, 9.5.6
Transfer Partners List, 9.7.4
modifying a Key Pool size, 10.1.7
modifying agent details, 10.3.3
modifying Data Unit details, 10.4.2
modifying Key Group details, 9.5.3
modifying Key Policies, 9.4.3
modifying Key Split Credentials, 11.1.2
modifying KMA details, 10.1.3
modifying site details, 10.2.3
modifying SNMP Manager details, 7.1.5
modifying user details, 6.4

N

nCipher nShield Solo
description, 1.3.3
order number, 1.7
network
management, 1.6.1
routing configuration, 1.6.5
service, 1.6.2
network configuration
specifying, 3.3.1
network configuration information, 10.1.11

O

OKM
cluster, 1.1
description, 1
OKM Command Line utility
description, 13.2
examples, 13.2.4
exit values, 13.2.5
IPv6 addresses with Zone IDs, 5.7.1
parameter descriptions, 13.2.1, 13.2.1
sample perl scripts, 13.2.6
OKM Console
Auditor options, 12.3.4
Backup Operator options, 12.3.4
Compliance Officer options, 12.3.4
Operator functions
disabling the Primary Administrator, 12.4.6
disabling the technical support account, 12.4.4
logging out, 12.4.18
rebooting the KMA, 12.4.1
setting the keyboard layout, 12.4.15
shutting down the KMA, 12.4.2
Operator options, 12.3.1
other role functions
logging out, 12.4.18
setting the keyboard layout, 12.4.15
Security Officer functions
adding gateways, 12.4.11
deleting gateways, 12.4.11
disabling the Primary Administrator, 12.4.6
disabling the technical support account, 12.4.4
enabling the Primary Administrator, 12.4.5
enabling the Technical Support account, 12.4.3
logging out, 12.4.18
logging the KMA back into the Cluster, 12.4.7
resetting the KMA to the factory default, 12.4.14
setting a user passphrase, 12.4.8
setting the keyboard layout, 12.4.15
setting the KMA Management IP addresses, 12.4.9
setting the KMA Service IP addresses, 12.4.10
specifying the DNS settings, 12.4.13
viewing gateways, 12.4.11
Security Officer options, 12.3.2
using, 12
OKM Manager
GUI
accessibility options, 5.6
online help
using, 5.2
operations
role-based, 6.6.2
Operator
description, 6.6.1
Operator functions
disabling the Primary Administrator, 12.4.6
disabling the technical support account, 12.4.4
logging out of the OKM Console session, 12.4.18
rebooting the KMA
OKM Console, 12.4.1
setting the keyboard layout, 12.4.15
shutting down the KMA, 12.4.2
Oracle Key Manager (OKM)
changing the passphrase, 6.1
concepts
key lifecycle, 9.3
OKM key states and transitions, 9.2
connecting to the OKM Cluster, 4.2
converting certificate formats from PKCS12 to PEM, 14.3.1
creating a Cluster profile, 4.2.1
deleting a Cluster profile, 4.2.2
description, 2
installing, 2
invoking the OKM Manager
Solaris startup, 2.6
Windows startup, 2.6
saving certificates, 14.3
specifying configuration settings, 5.7
states
active, 9.2
compromised, 9.2
deactivated, 9.2
destroyed, 9.2
destroyed compromised, 9.2
pre-activation, 9.2
user roles, 6.6.1
order numbers
Ethernet cables, 1.7
hardware security module, 1.7
KMA, 1.7
power cable, 1.7
switch accessory kit, 1.7
other role functions
logging out, 12.4.18
setting the keyboard layout, 12.4.15

P

passphrase
changing, 6.1
setting, 6.4
setting for a KMA, 10.1.4
setting for a user, 12.4.8
pending operations
approving, 11.4
deleting, 11.5
viewing details, 11.3
Post-operational Keys
destroying, 10.4.5
power cable order numbers, 1.7
Primary Administrator
disabling, 12.4.6, 12.4.6

Q

QuickStart program
adding agents to a KMA, 4.4
adding gateways, 3.3.4
configuring the Cluster, 3.5
enabling the Technical Support account, 3.3.2
enrolling tape drives, 4.4
entering initial Security Officer user credentials, 3.5.2
entering Key Split Credentials, 3.5.1
initializing the KMA, 3.4
joining an existing Cluster, 3.6
restoring a Cluster from a backup, 3.7
setting the Key Pool size, 3.5.4
setting the KMA Management IP address, 3.3.1
setting the KMA Service IP address, 3.3.3
specifying the Autonomous Unlock preference, 3.5.3
specifying the network configuration, 3.3.1
synchronizing KMA time, 3.5.6
viewing gateways, 3.3.4
Quorum Member
description, 6.6.1
operations, 11

R

rebooting the KMA
OKM Console, 12.4.1
remote syslog
creating, 7.6.2
deleting server, 7.6.5
testing support, 7.6.4
viewing or modifying details, 7.6.3
Remote Syslog menu, 7.6
removing a Key Group from a Transfer Partner, 9.7.1.3
removing a Key Group from an Agent, 10.3.5
removing a Transfer Partner from a Key Group, 9.5.6
removing an Agent from a Key Group, 9.5.5
replication version
switching, 10.1.10.3
requirements
cooling, 1.4
firmware, 1.2.6.3
rack, 1.3.2
server, 1.4
temperature and humidity, 1.4
resetting the KMA to the factory default
OKM Console, 12.4.14
restoring a backup, 8.6
restoring a Cluster from a backup
QuickStart Program, 3.7
retrieving security parameters, 4.3
retrieving the system time, 10.1.12
role
viewing operations for, 6.6
Role List menu, 6.6
role-based operations, 6.6.2
roles
Oracle Key Manager, 6.6.1
viewing, 6.6
Root CA Certificate, 14.3

S

saving certificates, 14.3
SCA 6000 card
checking, 10.1.13
SCA 6000 description, 1.3.3
security labels, 1.4
Security Officer
description, 6.6.1
Security Officer functions
adding gateways, 12.4.11
deleting gateways, 12.4.11
disabling the Primary Administrator, 12.4.6
disabling the technical support account, 12.4.4
enabling the Primary Administrator, 12.4.5
enabling the Technical Support account, 12.4.3
logging the KMA back into the Cluster, 12.4.7
resetting the KMA to the factory default, 12.4.14
setting a user passphrase, 12.4.8
setting the keyboard layout, 12.4.15
setting the KMA Management IP addresses, 12.4.9
setting the KMA Service IP addresses, 12.4.10
specifying the DNS settings, 12.4.13
viewing gateways, 12.4.11
security parameters
Master Key Provider, 4.3
retrieving, 4.3
server requirements, 1.4
service network, 1.6.2
Service Processor
configuring the ELOM, F.2.3
keyboard and monitor attachment to the KMA, F.3
launching the BIOS Setup Utility from the ELOM, F.2.6
launching the BIOS Setup Utility from the ILOM, F.1.7
upgrading the ELOM server firmware, F.2.5
verifying ELOM and BIOS levels, F.2.4
setting a KMA passphrase, 10.1.4
setting a user passphrase, 6.4
OKM Console, 12.4.8
setting an Agent passphrase, 10.3.4
setting the Key Pool size
QuickStart program, 3.5.4
setting the keyboard layout, 12.4.15
OKM Console, 12.4.15, 12.4.15, 12.4.15
setting the KMA Management IP address
OKM Console, 12.4.9
QuickStart program, 3.3.1
setting the KMA Service IP address
OKM Console, 12.4.10
QuickStart program, 3.3.3
shutting down the KMA, 12.4.2
site details
viewing or modifying, 10.2.3
Site List menu, 10.2
sites
creating, 10.2.2
deleting, 10.2.4
viewing, 10.2.1
SNMP Manager
creating, 7.1.4
deleting, 7.1.6
viewing for a KMA, 7.1.3
viewing or modifying details, 7.1.5
SNMP Manager List menu, 7.1
software upgrades
activating, 10.1.10.2
uploading and applying, 10.1.10.1
specifying configuration settings, 5.7
specifying the Autonomous Unlock preference
QuickStart program, 3.5.3
specifying the DNS settings
OKM Console, 12.4.13
specifying the network configuration
QuickStart program, 3.3.1
starting the KMA
QuickStart program, 3.4
starting the OKM Manager, 2.6
states and transitions
OKM keys, 9.2
switch accessory kit, 1.6.4, 1.7
switching the replication version, 10.1.10.3
synchronizing KMA time
QuickStart program, 3.5.6
system dump
creating, 7.5
System Dump menu, 7.5
system time
retrieving, 10.1.12
System Time menu, 10.1.12

T

tape drive
enablement keys, 1.2.6.1
encryption behavior
LTO, 1.2.6.1
firmware requirements, 1.2.6.3
service network, 1.6.4
use of cluster KMAs, 1.2.1
technical support account
disabling, 12.4.4
temperature requirements, 1.4
Transfer Partner Assignment to Key Groups menu, 9.5.6
Transfer Partners
assigning a Key Group to, 9.7.1.3
assigning to a Key Group, 9.5.6
assigning to Key Groups, 9.5.6
creating, 9.7.1.2
deleting, 9.7.7
importing Keys and Data Units from a key transfer file, 9.7.3
Key Group Assignment to, 9.7.1.3
List, 9.7.4
removing from a Key Group, 9.5.6
removing Key Groups from, 9.7.1.3
viewing and modifying details, 9.7.6
viewing assignments to Key Groups, 9.5.6
viewing Key Group assignments to, 9.7.1.3

U

unlocking KMA core security, 10.1.8
unlocking the KMA, 10.1.8
uploading software upgrades, 10.1.10.1
user details
viewing or modifying, 6.4
user passphrase
setting, 6.4
user roles
Oracle Key Manager, 6.6.1
users
creating, 6.3, 6.3
deleting, 6.5
viewing, 6.2
using the OKM Console, 12
utilities
command line, 13
utility
Backup command line
description, 13.3
IPv6 addresses with Zone IDs, 5.7.1
OKM command line
IPv6 addresses with Zone IDs, 5.7.1
OKM Command Line
description, 13.2

V

viewing agent details, 10.3.3
viewing Audit Logs, 7.4
viewing backup files details, 8.3
viewing backup files history, 8.3
viewing Data Unit details, 10.4.2
viewing Data Units, 10.4.1
viewing gateways
OKM Console, 12.4.11
QuickStart program, 3.3.4
viewing Key Group assignments to Transfer Partners, 9.7.1.3
viewing Key Group details, 9.5.3
viewing Key Groups, 9.5.1
viewing key policies, 9.4.1
viewing Key Policies, 9.4.3
viewing Key Transfer Public Key details, 9.7.5
viewing KMA details, 10.1.3
viewing KMA SNMP Managers, 7.1.3
viewing KMAs, 10.1.1
viewing operations for, 6.6
viewing pending operations details, 11.3
viewing roles, 6.6
viewing site details, 10.2.3
viewing sites, 10.2.1
viewing SNMP Manager details, 7.1.5
viewing the Agent List, 10.3.1
viewing the Key Split credentials, 11.1.1
viewing the Key Transfer Public Key list, 9.7.5
viewing Transfer Partner assignments to Key Groups, 9.5.6
viewing user details, 6.4
viewing users, 6.2

Z

Zone IDs
specifying IPv6 addresses, 5.7.1, 5.7.1