Manage Key Management Interoperability Protocol (KMIP) servers in CloudLink Center A KMIP server is used to store public and private keys for encrypted machines. NOTE: The KMIP Server menu is only available in the CloudLink Center Contents panel after a KMIP license is uploaded. CloudLink Center supports the Key Management Interoperability Protocol (KMIP) to enable applications supporting that protocol to securely store keys and certificates. The applications, or KMIP clients, are given access to a single KMIP partition. A KMIP partition is a container for keys and certificates that are created by the client. Multiple clients can be assigned to the same partition. All objects within a partition are encrypted using a key that is saved to the keystore of a partition and are stored in the CloudLink Center database. NOTE: Adding KMIP clients and generating new certificates for KMIP clients functions are unavailable in Microsoft Edge and Internet Explorer. Use Mozilla Firefox or Google Chrome if you must add or modify KMIP clients or generate a new certificate. KMIP Client High Availability (HA) A KMIP Client provides high availability if one of the KMIP servers is unavailable. For example, a KMIP server may become unavailable unexpectedly due to a connection issue. A KMIP server may also become unavailable during periods of planned maintenance. The CloudLink KMIP Client HA supports a KMIP server cluster of up to four KMIP servers. Use the same KMIP certificates, keys, and credentials to access all the KMIP servers. Child TopicsChange KMIP server certificatesUse this procedure to change the KMIP server certificate if required. Change KMIP certificates if the hostnames in the certificate are no longer valid. Change Subject Alternate namesUse this procedure to change the additional host names used for the KMIP server certificate. Download KMIP server certificateUse this procedure to download the current KMIP server certificate. Generate CSR for KMIP serversUse this procedure to generate a certificate signing request (CSR), which involves CloudLink Center generating a private key and signing the request. The request is then fulfilled by a certificate authority (CA), and the final certificate is uploaded to CloudLink Center. Upload KMIP server CA-signed certificateUse this procedure to upload a new certificate and an optional private key, the web server restarts and the connection is terminated. After uploading a certificate signed for CloudLink Center, verify the subject, end date, and fingerprint to ensure that it is the correct certificate. Change KMIP CSR server certificate lifetimeUse this procedure to change the maximum lifetime for KMIP server certificates. Manage KMIP partititionsThis topic provides information about managing KMIP partitions. Manage KMIP clientsThis topic provides information about managing KMIP clients.