Configuring a KeyControl Cluster using nCipher nShield Connect HSM Client

After you have configured a single node cluster for the nCipher nShield Connect HSM, you can quickly add a new KeyControl node. All members of the KeyControl cluster must be added as clients of the nShield connect server(s).

1. Use the webGUI to join the new cluster to your existing cluster that is configured with nShield Connect HSM.

   For complete instructions, see Joining or Re-joining a KeyControl Cluster.

2. After the process is finished, log in to the new cluster node using the webGUI.
3. In the System Settings section, click HSM Server Settings.

4. On the HSM Server Settings tab, select nCipher nShield Connect HSM.

   You should see the nCipher nShield Connect HSM Server Settings page with all of the settings imported from the original cluster node.

5. Click the Client List tab to view the cluster nodes.
6. Copy the KeyControl IP address and the keyhash of the node that you just added, and paste them in a text window.

7. Use the IP address and keyhash to authenticate KeyControl on nShield. Please see your nShield documentation.

   Important: For KeyControl clusters, you will need to authenticate the IP address and keyhash for each KeyControl cluster node.

8. Return to the nCipher nShield Connect Server Settings page for the new cluster node.
9. Click the Locate Admin Key button to ensure that the new node is now fully connected to nCipher nShield Connect HSM.