The SecurityServer EKM provider can be customized using the configuration file. Edit the configuration file to your needs. At least, change the Device setting. Make sure the Microsoft SQL Server service account has write access to the folder containing the external keystore and the log file.
|
Parameter |
Description |
|
ConnectionTimeout |
Specifies the maximum time in milliseconds to wait before the connection establishment is aborted if the device is not responding. |
|
Device |
Specifies the device address of the SecurityServer device. This can be a local PCI-e card (PCI:0) or a network address ([port@]IP). |
|
KeysExternal |
To enable external keystore |
|
KeyStorageType |
Database type for keystorage |
|
KeyStorageConfig |
Configuration of the KeyStorage |
|
LogFile |
Specifies the path and the name of the log file. |
|
LogLevel |
Specifies the log level. Higher levels include the information of the lower levels. 0=no log, 1=errors, 2=warnings, 3=info, 4=trace, 5=debug. |
|
LogSize |
Defines the maximum size of the log file. If the maximum is reached, the old log file will be renamed to .bak and a new log file with the name defined by LogFile is created. |
|
Timeout |
Specifies the maximum time in milliseconds to wait for the answer from SecurityServer after sending a command. |
Table 6: List of Configuration Parameter