Archive keystore reference

This article applies to CrashPlan Enterprise and MSPs.png

Overview 

External keystores mean that in the CrashPlan cloud you can store copies of users' encryption keys in your own keystore. In the CrashPlan console, the Archive Keystore view allows you to identify, monitor, configure, and move your keystore.

For details about managing archive keystores, see Manage your CrashPlan archive keystore.

Considerations 

You need the Customer Cloud Admin role to work with the keystore.

Archive keystore 

To access the keystore:

  1. Sign in to the CrashPlan console.
  2. Select Administration > Environment > Keystore.

keystore.archive.annotated_top_nav.png

Item   Description
a Action menu

Commands available in the Archive Keystore view:

  • Edit Keystore: Provide a new URL and certificate file for a private keystore. (Self-administered only.)
  • Migrate Keystore: Move keys from one storage location to another.
  • View Keystore History: See a log of all keystore configuration and migration activity. (Disabled until the first history record exists.)
b Administrator
  • CrashPlan: The keystore is owned and operated by CrashPlan.
  • Self-Administered: A private keystore owned and operated by the customer.
c Type

Vault: A server and storage service separate from the CrashPlan cloud.
For details, see Configure a Vault server to hold your CrashPlan archive keystore.

d URL
(Self-administered only.)
The address, including port number, of a self-administered keystore.
e Connection Status

The state of CrashPlan-keystore communications at the time this view opened.

 

Online: The CrashPlan cloud and keystore are communicating.

 

Offline since date, time (cause):

  • Host unavailable: The keystore does not respond to CrashPlan cloud requests.
    Possible error messages:
    • Bad HTTP response failure
    • Certificate verification error while connecting to your Vault URL
    • DNS resolution failure
    • Request failure
    • Unknown failure
    • Unsupported or unrecognized SSL message
    • Web certificate expired
    • Web certificate not yet valid
  • Unable to authenticate: The Vault is not allowing the administrator to access the data.

    Possible error messages: 

    • Authentication certificate expired
    • Authentication certificate not yet valid
  • No request: The server failed to test the connection.
  • Unknown: A migration has just completed. There is no data to inform a status report.

The timestamps present your local time in a 12-hour clock.

f Connection Reliability A summary of the data reported in the time line below.
g Time line keystore.icon.green.png keystore.icon.red.png keystore.icon.white.png

The CrashPlan cloud tests its connection to your keystore every minute.

The time line reports the result of the last hour's tests:

keystore.icon.green.png Keystore is online
keystore.icon.red.png Keystore is offline
keystore.icon.white.png Unknown (the CrashPlan cloud has no data to report)

The timestamps report your local time in a 24-hour clock.

 

Edit keystore 

Edit the configuration of a private keystore by selecting the action menu > Edit Keystore. (Self-administered keystores only.)

keystore.edit.annotated.png

 

Item   Description
a URL The address of a private Vault keystore.
b Upload PFX or P12 file

Click to provide the security certificate for the Vault.

The file must be a PFX or PKCS12 certificate. The file name extension need not be .pfx or .p12.

c PFX or P12 file password The password for the certificate, if it is configured to use one.

Migrate keystore

Move a keystore from one location to another by selecting the action menu > Migrate keystore.

keystore.migrate.annotated.png

Item   Description
a Type
  • CrashPlan Vault: Move copies of keys to the keystore service owned and managed by CrashPlan.
  • Self-Administered Vault: Move copies of keys to a keystore service owned and managed by the customer.
b URL The address of a self-administered keystore.
c Upload PFX or P12 file

Click to provide the security certificate for the Vault.

The file must be a PFX or PKCS12 certificate. The file name extension need not be .pfx or .p12.

d PFX or P12 file password The password for the certificate, if it is configured to use one.
e Who should be notified when this migration is complete? The email address to receive notice from the CrashPlan cloud when migration starts, and when it either fails or succeeds.

Keystore history

View the record of all your keystore configuration and migration activity by selecting the action menu > View keystore history. (Self-administered keystores only.)

keystore history.png

Item   Description
a

Date & Time

When an event took place, in your local time.
b User

The administrator who initiated the event.

  • system: the CrashPlan cloud.
c Action Type
  • Migration: A process of moving copies of keys from one location to another.
  • Configuration: A process of changing a keystore's URL and security certificate.
d Action Details Detailed description of the event.

 

External resources 

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more