Joining NSX Managerand the DNE Key Manager allows these components to communicate with each other.
Verify that the NSX Manager is installed.
- Open an SSH session to the NSX Manager appliance as admin to log into the CLI.
- Open an SSH session to the DNE Key Manager appliance as admin to log into the CLI.
- On the NSX Manager appliance, run the get certificate api thumbprint command.
NSX-Manager1> get certificate api thumbprint ...
The command output is a string of numbers unique to this NSX Manager.
- On the DNE Key Manager appliance, run the join management-plane command.
When prompted, provide the following information:
Hostname or IP address of the NSX Manager with an optional port number
Username of the NSX Manager
Certificate thumbprint of the NSX Manager
Password of the NSX Manager
Interface name. The default interface is eth0.
NSX-Key-Manager1> join management-plane <NSX-Manager1-IP-Address> username admin thumbprint <NSX-Manager1-thumbprint> Password for API user: <NSX-Manager1-password> Restarting the KeyManager service. This may take a while ... Restart Done. KeyManager node successfully registered and service restarted
- Verify that the DNE Key Manager is configured properly using either a GUI or API call.
From your browser, log in to NSX Manager https://nsx-manager-ip-address. Select Encryption and navigate to the Keys tab.
Key Manager Status: Connected with a green dot appears.
Invoke the API call, /api/v1/network-encryption/key-managers .
What to do next
Enable the DNE configuration. See Enabling and Disabling DNE.