Enable Encryption In-Flight for the Spectrum Protect Client
The Spectrum Protect Client can be configured to securely transfer data across the network for all backup, restore and archiving operations. Follow these instructions to configure AES256-bit secure SSL communication between the SP client and the SP servers. This article assumes that you have already registered and configured the SP client to communicate with the Division of IT SP backup servers.
In this article, you will learn how to:
Configure SP SSL In-Flight Encryption
- Determine the location of your SP installation directory:
||Default TSM Installation Location
- Download the umd-digicertCA-dsmcert.zip attachment in this article and unzip all contents into the SP client installation directory. Ensure there is no sub-directory when unzipping. The dsmcert.* files need to be in the SP installation directory.
- Determine the location for your SP client options file:
||Default SP Configuration File and Location
||/Library/Preferences/Tivoli Storage Manager/dsm.sys
- Edit the TSM Client options file to include the following lines:
- Ensure that the TCPSERVERADDRESS option has a DNS entry, such as sdc-busrv01.umd.edu or sdc-busrv02.umd.edu and is not an IP address.
- Save the file and restart all TSM services.
Verify that your connection is SSL-enabled
- Open the SP Client Graphic User Interface (GUI). A connection should establish with the client and server.
- Click File. Then, click Connection Information.
- Review the information on the next screen:
SSL Information with AES256 information confirms SSL connectivity.