Managing keys and certificates for connection to IBM Spectrum Protect Plus components

Keys and certificates are used in the IBM Spectrum Protect Plus environment to provide secure connections to IBM Spectrum Protect Plus components.

Keys, and in some environments certificates, are required to enable IBM Spectrum Protect Plus to connect to the following components:

Secondary backup storage: The cloud resources and repository servers that provide secondary backup storage require credentials to serve as copy destinations. Access keys and secret keys are provided by your cloud resource or repository server interface. These keys serve as the username and password of your copy destinations and allow them to be accessed by IBM Spectrum Protect Plus. Some copy destinations also require SSL certificates for additional data security. The SSL certificate can be a certificate that is issued by a certificate authority (CA).

Linux-based resources: You can add a Secure Shell (SSH) key to provide credentials for Linux-based resources on virtual machines managed by vCenter and Hyper-V, as well as Oracle, Db2, and MongoDB application servers. SSH keys help to provide a secure connection between IBM Spectrum Protect Plus and target resources for file indexing and restore operations.

When you add a key or certificate to IBM Spectrum Protect Plus, the list of available keys and certificates is updated so that you can select a key or certificate as needed in the user interface.

For information about using an SSL certificate for secure connections to the IBM Spectrum Protect Plus user interface, see Uploading an SSL certificate.