Use the graphical user interface or REST interface to change the replication
configuration parameters on a clone server. Data is replicated to the clone servers only if new
cryptographic objects are added to the master server.
Procedure
- Using graphical user interface
- Log in to the graphical user interface.
- Click
.
- Ensure that Clone role is selected.
- Modify the required properties in the Basic
Properties tab:
- Basic Properties
-
Clone listen port |
Port number that the clone server must listen on to receive backup files.
Default port number is 2222 . |
Master listen port |
Port number for communication when unserialized or delayed replications take
place. Default master listen port is 1111 . |
- To configure or modify the advanced properties, click the Advanced
Properties tab:
- Advanced Properties
-
Number of retries incase of restore failure |
Maximum number of retries that are allowed after the first restore operation
is failed. The value must be a positive integer between 0 - 2. |
Replication log file name |
Name and location for the replication log file. Default value for this
parameter is
<WAS_HOME>\products\sklm\logs\replication. |
Maximum log file size (in KB) |
Maximum size of a log file before rollover occurs. Default value is 1000 KB
(kilobytes). When the file reaches the maximum size, a new log file is created. |
Maximum number of log files to keep |
Maximum number of log files that you want to keep. By default, IBM® Security Guardium® Key Lifecycle Manager keeps the last 3 log files. When the number of
files exceed the specified limit, the oldest file is deleted. |
- Click OK.
- Click Start Replication Server to enable replication of the
cryptographic data to the clone servers based on a configured schedule.
- Using REST interface
- Open a REST client.
- Obtain a unique user authentication identifier to access IBM Security Guardium Key Lifecycle Manager REST services. For more information about the
authentication process, see Authentication process for REST services.
- Run Update Replication Config Property REST Service.
For
example:
PUT https://localhost:port/SKLM/rest/v1/replicationConfigProperties
{ "replication.role": "clone", "backup.TLSCertAlias":"sklmTLSCertificate",
"restore.ListenPort": "2222", "replication.MasterListenPort": "1111" }
For information about the replication configuration parameters, see Replication configuration properties.
What to do next
You might want to change the settings for other clone servers. Complete this procedure on each
clone server.