You can set up a Multi-Master cluster on an IBM Security Guardium Key Lifecycle Manager server that is cross-migrated from any of the
earlier versions.
Before you begin
Ensure that the IBM Security Guardium Key Lifecycle Manager server on
which you want to set up the Multi-Master cluster is cross-migrated to version 4.2.1.
Procedure
-
In the SKLMConfig.properties file, update the
TransportListener.ssl.protocols property to the value:
TLSv1.2.
-
Stop the IBM Security Guardium Key Lifecycle Manager Agent.
-
Restart the IBM Security Guardium Key Lifecycle Manager server.
-
During the restore process, if you specified the RESTORE_USER_ROLES
property as RESTORE_USER_ROLES=y in the
restoreVversion utility (for example,
restoreV25.bat), refresh the user credentials on the IBM Security Guardium Key Lifecycle Manager server:
-
Log on to the IBM Security Guardium Key Lifecycle Manager graphical user
interface.
-
Click .
-
On the page, click the Multi-Master link and in the
Confirm dialog box, click OK.
-
In the Masters table, select the master server and click
Modify Master.
-
In the Multi-Master Configuration - Modify Master window, specify the
values for the IBM Security Guardium Key Lifecycle Manager
password.
-
Click Accept host certificate automatically and click
Update.
-
In the information message dialog box with the message Successfully modified the
master, click Close.
-
Click Cancel.
The IBM Security Guardium Key Lifecycle Manager master server is setup
as the primary master.
What to do next
You can now add standby and non-HADR master servers to the cluster. For more information,
see Adding a standby master server to a cluster and Adding a non-HADR master server to a cluster.