TSM Client Encryption functionality question

Nicke

Hi there!

Currently working with a new S.P/TSM 8.1.x PoC Cloud project with Linux servers and have a question:

The customer doesn't accept having the Encryption Certificates managed by the TSM Server (in the cloud side) and only by the client. (From the docs, how it works now: .. one random encryption key is generated per session and it is stored on the Tivoli Storage Manager server)

And the /etc/adsm/TSM.PWD file on the client server only seems to contain the encryption passwords and not the whole encryption certificate.

This is my current TSM client node stanza:
Servername TEST44
NODENAME TEST03
Resourceutilization 30
Passwordaccess Generate
TCPSERVERADDRESS *******
ENCRYPTKEY SAVE
ENABLECLIENTENCRYPTKEY YES
ENCRYPTIONTYPE AES256
INCLUDE.ENCRYPT /.../*


For the API there's this option: "DSM_ENCRYPT_CLIENTENCRKEY" but I can't see any other client B/A option like it than what I already have in the dsm.sys stanza.

Thanks for some insight into how client encryption should be,
Kind Regards,
Nicke
 
So now I've started trying to use these GSKit commands instead to see how it will work:

gsk8capicmd_64 -keydb -create -populate -db <filename>.kdb -pw <password> -stash
gsk8capicmd_64 -cert -create -db server.kdb -stashed -dn "CN=myserver,OU=mynetwork,O=mycompany,C=mycountry" -expire 7300 -label "My self-signed certificate" -default_cert yes
gsk8capicmd_64 -cert -extract -db server.kdb -stashed -label "My self-signed certificate" -format ascii -target mycert.arm
...

//nicke
 