You need to configure the Cryptographic Security Platform Compliance Manager instance using SSH before you can use the Cryptographic Security Platform Appliance Management webGUI.

Important: Cryptographic Security Platform Compliance Manager AMI support is for single instance only. Clustering with AMI is not supported.

Make sure you have the following information:

• The Amazon instance ID for the Cryptographic Security Platform Compliance Manager instance.

• The Elastic (Public) IP address associated with the instance.

• The private key file (in pem format) that was used when the instance was created.

Tip: To find this information, select Instances from the Amazon Management Console EC2 Dashboard, then select the Cryptographic Security Platform Compliance Manager instance in the table. In the Description tab, look at the Instance ID, IPv4 Public IP, and Key pair name fields.

Procedure 

1. Open a terminal window and navigate to the directory in which you have stored the private key file. If you have not used this key file before, make sure the permissions are set to -r-------- (chmod 400).

2. Log into the htadmin account on the Cryptographic Security Platform Compliance Manager instance using the private key file. 

   ssh -i <key-file>.pem htadmin@<Elastic-IP-addy>

   where key-file.pem is the name of the key pair associated with the instance and Elastic-IP-Addy is the public IPv4 address associated with the instance. For example, if your key pair is called CSP-Cluster-NorthAmerica.pem and the Elastic IP address is 52.18.58.35, you would enter: 

   ssh -i CSP-Cluster-NorthAmerica.pem htadmin@52.18.58.35

3. When prompted for the htadmin password, enter the Amazon instance ID for the Cryptographic Security Platform Compliance Manager instance that you are configuring.

4. Enter a new password for the Cryptographic Security Platform Compliance Manager system administration account htadmin and press Enter.

   This password controls access to the Cryptographic Security Platform Compliance Manager System Console that allows users to perform some Cryptographic Security Platform Compliance Manager administration tasks. It does not permit a Cryptographic Security Platform Compliance Manager user to access the full OS. Password requirements are configured by a Cryptographic Security Platform Compliance Manager administrator in the System Settings.

   Important: Make sure you keep this password in a secure place. If you lose the password, you will need to contact Entrust Support. For security reasons, Cryptographic Security Platform Compliance Manager does not provide a user-accessible password recovery mechanism.

5. On the System Configuration screen, select Install Cryptographic Security Platform Compliance Manager Node and press Enter.

   The installer begins the installation and configuration process. When the installer is done, it displays the status of the install and basic system configuration information.

6. After the installation process has finished, review the confirmation dialog. This dialog provides the public URL that can be used with the Cryptographic Security Platform Appliance Management webGUI as well as the private IP address that you can use if you want to add other Cryptographic Security Platform Compliance Manager nodes to this cluster. When you are ready, press Enter to finish the configuration process.