Previous Topic: Folders Used By Certificate ScriptsNext Topic: Designate a Secure Server

Platform Deployment GuideAdvanced Encryption ModeHow Do I Deploy CA DataMinder In Advanced Encryption Mode?

How Do I Deploy CA DataMinder In Advanced Encryption Mode?

For CA DataMinder to be compatible with FIPS 140-2, you deploy it in Advanced Encryption Mode. This section describes the deployment procedure.

Follow these steps:

  1. Designate a secure server that is separate from your intended CA DataMinder enterprise.
  2. Generate the self-signed root certificate.
  3. Generate the Key Store and Revocation List.
  4. Deploy your CA DataMinder servers and client machines.
    1. Create new administrative installation source images.
    2. Customize the new source images.
    3. Install the servers and client machines from the appropriate source image.
  5. Confirm that encryption is correctly configured in the machine policy for all your CA DataMinder servers and client machines.
  6. Secure the critical Advanced Encryption files on your CA DataMinder servers and client machines so that they can only be accessed by the CA DataMinder infrastructure.

More information:

Designate a Secure Server

Generate the Root Certificate

Generate the Key Store and Revocation List

Deploy CA DataMinder Machines

Ensure Machine Policy Is Correctly Configured

Secure the Critical Advanced Encryption Files