Enabling Advanced Key Protect

With Advanced Key Protect, you can use an HSM to generate keys and, in the case of Code Sign Manager - Self-Hosted, store private keys remotely. This is an optional add-on feature to CyberArk Trust Protection Foundation.

To enable or disable Advanced Key Protect

1. On the CyberArk Trust Protection Foundation server, open the CyberArk Configuration Console, and click the Connectors node.
2. In the Actions panel, click Enable Advanced Key Protect (or Disable Advanced Key Protect).
3. Review the information in the dialog boxes and confirm the action.
4. Restart the IIS service by going to the Product node, and clicking on Website, and then clicking Restart.
5. Restart the Trust Protection Foundation service by clicking on Trust Protection Foundation service, and then clicking Restart.
6. Restart the Logging service by clicking on Logging, and then clicking Restart.

The change is reflected on the License Report that is automatically submitted to CyberArk. For information about the license report, see Licensing report.