You can change the default port and timeout settings that IBM® Security Guardium® Key Lifecycle Manager provides.
About this task
You can use the Key Serving Ports page to change port and timeout settings.
Alternatively, you can use the following REST services to list and change the appropriate properties
in the SKLMConfig.properties
file:
Get Single Config Property REST Service and Update Config Property
REST Service
Before you begin, determine whether there are port or timeout conflicts at your site that prevent
from using the IBM Security Guardium Key Lifecycle Manager default values. Your role must have the permission to the configure
action.
Procedure
-
Go to the appropriate page or directory:
-
Change the value for the port or timeout settings:
- In the graphical user interface, change one or more
of these settings,
and then click OK:
- TCP port
- IBM Security Guardium Key Lifecycle Manager uses default port 3801. Values
can range from 1024 to 65535. The value that you set also changes the value of the
TransportListener.tcp.port property in the
SKLMConfig.properties
file. You must ensure that the port
is not already in use by another application.
- TCP timeout (in minutes)
- IBM Security Guardium Key Lifecycle Manager uses a default timeout value of 10
minutes. Values can range from 1 to 120. The value that you set also changes the value of
the TransportListener.tcp.timeout property in the
SKLMConfig.properties
file.
- TLS port
- IBM Security Guardium Key Lifecycle Manager uses default port 1441. Values can range from 1024 to 65535. The
value that you set also changes the value of the TransportListener.ssl.port
property in the
SKLMConfig.properties
file.
- TLS timeout (in minutes)
- IBM Security Guardium Key Lifecycle Manager uses a default timeout value of 10
minutes. Values can range from 1 to 120. This configuration parameter is associated with
the value of the TransportListener.ssl.timeout property in the
SKLMConfig.properties
file.
- KMIP TLS port
- KMIP uses default port 5696.Values can
range from 1024 to 65535. This configuration parameter is associated with the value of the
KMIPListener.ssl.port property in the
SKLMConfig.properties
file.
- IBM Security Guardium Key Lifecycle Manager agent port
- Agent uses default port 60015 to communicate with IBM Security Guardium Key Lifecycle Manager server. You can update the default agent port
number only when the IBM Security Guardium Key Lifecycle Manager instance is not
configured for multi-master setup.
- REST interface:
- Obtain a unique user authentication
identifier to access IBM Security Guardium Key Lifecycle Manager REST
services. For more information about the authentication process, see Authentication process for REST services.
- To run Get Single Config Property REST Service, send the HTTP GET request.
Pass the user authentication identifier that you obtained in
Step a
along with the
request message as shown in the following example.
- Service request
GET https://localhost:<port>/SKLM/rest/v1/configProperties/
TransportListener.tcp.port
Content-Type: application/json
Accept: application/json
Authorization: SKLMAuth userAuthId=139aeh34567m
Accept-Language: en
- Success response
Status Code : 200 OK
Content-Language: en
{"TransportListener.tcp.port" : "3801"}
- Specify the required change. For example, to specify a different
TCP port number, send the following service request:
PUT https://localhost:<port>/SKLM/rest/v1/configProperties
Content-Type: application/json
Accept: application/json
Authorization: SKLMAuth authId=139aeh34567m
Accept-Language: en
{"TransportListener.tcp.port": "3802"}
What to do next
To put a change
such as a port number into effect, restart
the Guardium Key Lifecycle Manager server.