Linking KeyControl with HTCC

If you want to use the BoundaryControl feature for VMs in a Cloud VM Set or you want to link KMIP-client VMs to the KMIP objects they create in the KeyControl KMIP server, you need to link KeyControl to one or more HyTrust CloudControl (HTCC) servers. HTCC can then be used to configure rules and policies for the VMs in the associated Cloud VM Set while the Inventory feature tracks which client VMs go with which KMIP objects.

Each Cloud VM Set in KeyControl can be linked to a specific HTCC server, allowing you to select the best HTCC server for the VMs in each Cloud VM Set.

Before You Begin 

Procedure 

  1. If you are using HTCC version 5.1 or later, log into HTCC using an account with AppLink Management privileges and do the following:

    1. Select Configuration > App Links.
    2. On the One Time Code tab, in the Select Role for App Link drop-down, select ASC_AppLinkAdmin.
    3. When you are ready to transfer the code to KeyControl, click Submit.
    4. Copy the one-time code displayed in the Code field.
  2. Log into the KeyControl webGUI on any node in the cluster using an account with Security Admin privileges.

  3. In the top menu bar, click Settings.
  4. In the System Settings section, click HTCC App Link.
  5. On the HTCC App Link page, select Actions > Link and specify the options you want to use.

  6. When you are finished, click Create.
  7. If the connection information is correct, KeyControl displays the HTCC certificate. Verify that the certificate is correct and that it is linked to the expected server. If it is correct, click Yes.
  8. If desired, repeat this procedure to add a link to another KeyControl server.
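One way to carry out the certificate check in step 7 is to compare fingerprints. This is an added example, not HyTrust code. It assumes you have a PEM copy of the HTCC certificate obtained through a trusted channel (for example, exported by the HTCC administrator) and that you can read a SHA-256 fingerprint off the certificate KeyControl displays. The function names and the sample data are constructed for illustration.

```python
import hashlib
import hmac
import ssl

# Constructed placeholder bytes standing in for a DER certificate so the
# example runs offline. In practice, load the PEM file you received out of band.
SAMPLE_DER = b"constructed placeholder bytes, not a real certificate"
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(SAMPLE_DER)


def fingerprint_from_pem(pem: str) -> str:
    """Return the SHA-256 fingerprint (lowercase hex) of the DER encoding."""
    der = ssl.PEM_cert_to_DER_cert(pem)
    return hashlib.sha256(der).hexdigest()


def colon_form(fp: str) -> str:
    """Render a hex fingerprint as AB:CD:... for reading against a dialog."""
    return ":".join(fp[i:i + 2] for i in range(0, len(fp), 2)).upper()


def normalize(fp: str) -> str:
    """Accept 'AB:CD:..', 'ab cd ..' or 'SHA256 Fingerprint=AB:CD:..' input."""
    fp = fp.split("=", 1)[-1]
    return "".join(c for c in fp if c not in ": \t\r\n").lower()


def same_certificate(reference_pem: str, displayed_fp: str) -> bool:
    """True only if the displayed fingerprint is a full SHA-256 value that
    matches the trusted reference certificate."""
    shown = normalize(displayed_fp)
    # Reject truncated or malformed values instead of comparing a prefix.
    if len(shown) != 64 or any(c not in "0123456789abcdef" for c in shown):
        return False
    return hmac.compare_digest(fingerprint_from_pem(reference_pem), shown)


if __name__ == "__main__":
    reference = colon_form(fingerprint_from_pem(SAMPLE_PEM))
    print("Reference fingerprint:", reference)
    print("Match:", same_certificate(SAMPLE_PEM, reference))
```

Click Yes only when the full fingerprint matches. A partial match, or a match on the certificate's subject name alone, does not show that the certificate belongs to the expected server.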

What to Do Next 

To enable the BoundaryControl feature on a VM, you must first create a Cloud VM Set with BoundaryControl enabled and then add the VM to that set. For details, see Creating a Cloud VM Set. For information about the KeyControl KMIP server, see KMIP Client and Server Configuration.