The Spectrum Protect  Client can be configured to securely transfer data across the network for all backup, restore and archiving operations. Follow these instructions to configure AES256-bit secure SSL communication between the SP client and the SP servers. This article assumes that you have already registered and configured the SP client to communicate with the Division of IT SP backup servers.

Configure SP SSL In-Flight Encryption

1. Determine the location of your SP installation directory.
   
   

   Platform	Default TSM Installation Location
   Windows	C:\Program Files\tivoli\tsm\baclient
   UNIX/Linux	/opt/tivoli/tsm/client/ba/bin
   Mac OS	/Library/Application Support/tivoli/tsm/client/ba/bin

    
2. Download the umd-digicertCA-dsmcert.zip attachment in this article and unzip all contents into the SP client installation directory.  Ensure there is no sub-directory when unzipping. The dsmcert.* files need to be in the SP installation directory. Determine the location for your SP client options file.
   
   

   Platform	Default SP Configuration File and Location
   Windows	C:\Program Files\tivoli\tsm\baclient\dsm.opt
   UNIX/Linux	/opt/tivoli/tsm/client/ba/bin/dsm.sys
   Mac OS	/Library/Preferences/Tivoli Storage Manager/dsm.sys

3. Edit the TSM Client options file to include the following lines.
   SSL YES
   TCPPort 1505
   
   
4. Ensure that the TCPSERVERADDRESS option has a DNS entry, such as sdc-busrv01.umd.edu or sdc-busrv02.umd.edu and is not an IP address.
5. Save the file and restart all TSM services.  

Verify that your connection is SSL-enabled

1.  Open the SP Client Graphic User Interface (GUI).  A connection should establish with the client and server.
2.  Click File. Then, click Connection Information.
   
   
3. Review the information on the next screen. SSL Information with AES256 information confirms SSL connectivity.