Configuring Cloud Pak for Data System with ISKLM
If you want to configure the ISKLM information on the Cloud Pak for Data System, work with the platform administrator to perform the following steps.
Before you begin
- The Server certificate in
.pemformat from the ISKLM server.
- The device group name created on the ISKLM server.
- The ISKLM IP address and KMIP port value.
To configure the ISKLM information on Cloud Pak for Data System, the platform administrator must perform the following steps:
Log in to a control node as
Run the command:
apsedsklm configure --url <protocol://ip address:port> --servercert <server certificate path> --devgrp <device-group>
- ip address
- the SKLM IP address
- the KMIP port of SKLM
- server certificate path
- the downloaded location of the SKLM server certificate in Cloud Pak for Data System
- the device group created for this system by the ISKLM administrator
[apadmin@e1n1]# apsedsklm configure --url tls://184.108.40.206:5696 --devgrp IIAS_GROUP_TEST --servercert /tmp/ssl/server_cert_export.cer Creating Client Key and Certificate.. Successfully Created Client Key and Certificate. Configuring Client Parameters. sedsupport.cfg.json File already exists in /var/lib/sedsupport.. Rewriting the Configuration. Successfully Configured SKLM Client Parameters.. Please find log at /var/log/appliance/platform/sedsupport/apsedsklm_20190303222531.log
- Once the command runs successfully, it will create a client certificate that needs to be uploaded into the ISKLM server with the help of ISKLM administrator.
- After the successful upload to ISKLM, you can delete this file from Cloud Pak for Data System.