Automatic SynchronizationThe drive table and properties file can be sent from a primary key manager serverto a secondary server automatically. The secondary server must be running forsynchronization of the data to occur. To automatically synchronize the data fromthe primary to the secondary, the following four properties in the primary serverKeyManagerConfig.properties file must be specified. There are no changes requiredto the secondary or receiving server properties file.sync.ipaddressSpecifies the address and ssl port of the receiving server, for example,sync.ipaddress = backupekm.server.ibm.com:1443If this property is unspecified or specified incorrectly, automaticsynchronization is disabled.sync.actionMerge or rewrite the existing data in the receiving server Valid values aremerge (default) and rewrite. Synchronizing the configuration properties alwaysresults in a rewrite.sync.timeinhoursHow often the data should be sent. The value is specified in whole numbers(hours). The time interval begins when the server is started, that is, thesynchronization will occur after the server has been running for the specifiednumber of hours. The default is 24.sync.typeWhich data should be sent. Valid values are drivetab (default), config, and all.Configuration BasicsNote: If you followed the procedure in “Using the GUI to Create a ConfigurationFile, Keystore, and Certificates” on page 3-5, then a basic configuration isalready created and you do not have to perform any of the steps below. Thisinformation shows how to perform these tasks without using the GUI, andmay be useful if you wish to take advantage of additional configurationoptions.Note to Windows Users: Windows does not accept commands with directorypaths that contain blanks. When entering commands itmay be necessary to specify the short name generated forsuch directories, for example progra~1 instead of ProgramFiles. To list directory short names, issue the dir /xcommand.This procedure contains the minimum steps necessary to configure the EncryptionKey Manager. Appendix A includes examples of server configuration property files.See Appendix B for a complete list of all properties for both server and clientconfiguration.1. Use keytool to manage JCEKS keystores. When creating the keystore, takenote of the path and filename as well as the names given to the certificatesand keys. This information will be used in later steps.2. Create a keystore if none exists. Add or import the certificates and keys thatwill be used with your tape drives to this new keystore. (See “GeneratingChapter 4. Configuring the Encryption Key Manager 4-3