Key Manager Plus (2024)

1. Starting & Shutting Down Key Manager Plus

1.1 In Windows

1.2 In Linux

2. Connecting to Key Manager Plus Web Interface

2.1 Automatic Browser Launch

Once the server is started successfully, a browser is automatically launched with the Key Manager Plus login screen. As the connection is through HTTPS, you will be prompted to accept security certificate. Hit 'Yes' and then type the user name and password in the login screen and press Enter. For an unconfigured setup, the default user name and password will be admin and admin respectively. Every time you start the server, the browser will be automatically launched.

2.2 Launching the Web Client Manually

In the case of windows, you can also launch the web client manually from the Windows Tray. Right-click the Key Manager Plus tray icon and click "Key Manager Plus Web Console". A browser would be launched with the Key Manager Plus login screen. As the connection is through HTTPS, you will be prompted to accept security certificate. Hit 'Yes' and then type the user name and password in the login screen and press Enter. For an unconfigured setup, the default user name and password will be admin and admin respectively. Every time you start the server, the browser will be automatically launched.

In the case of Linux, open a browser and connect to the URL:

2.3 Connecting the Web Client in Remote Hosts

To connect web clients in a different machine from the one in which Key Manager Plus is running, open a browser and connect to the URL:

https://<hostname>:port

As the connection is through HTTPS, you will be prompted to accept security certificate. Hit 'Yes' and then type the user name and password in the login screen and press Enter. For an unconfigured setup, the default user name and password will be admin and admin respectively. Every time you start the server, the browser will be automatically launched.

3. Ports Used by Key Manager Plus

Key Manager Plus uses the following two ports:

1. PostgreSQL port: 53306
2. Web client port: 6565

4. Managing Key Manager Plus Encryption Key

Key Manager Plus uses AES - 256 encryption to secure SSH keys, SSL certificate and other sensitive information in its database. The key used for encryption is auto-generated and is unique for every installation. You can find the key in the file namedpmp_key.keyunder the path<KeyManager_Home>/conf. Key Manager Plus does not allow you to store the encryption key within theKey Manager Plus installation directory. This is done to prevent storing of both the encrypted key and encrypted data, in both live and backed-up database, together in the same place.

We strongly recommend that you store the encryption key outside Key Manager Plus server - preferably in any other separate machine or in any external drive (hard drive, thumb drive etc.,). And in such cases, you have to make sure that Key Manager Plus server has full permission to access the device and the encryption key stored in it, whenever you start Key Manager Plus service. Once the service gets up and running, it does not need the encryption key anymore and the external device containing the key can be taken offline.

Key Manager Plus stores the path of the encryption key in a configuration file namedmanage_key.confunder the location<KeyManager_Home>/conf.You can edit that file directly to change the key location. Edit the location and provide the new path where you have now stored the key.

Note: You need to take care of sufficiently protecting the key with layers of encryption (like using Windows File Encryption for example) and access control. Only Key Manager Plus needs access to this key, so make sure no other software, script or person has access to this key under any circ*mstance. You also need to take care of securely backing up the pmp_key.key file yourself. You can recover from PMP backups only if you supply this key. If you misplace the key or lose it, Key Manager Plus will not start.

5. Moving Key Manager Plus Installation Within Same Machine / From One Machine to Another

If you want to move the Key Manager Plus installed in one machine to another or to a different location within the same machine, follow the procedure detailed below:

1. Prerequisite
   1. Do not remove existing installation of Key Manager Plus until the new installation works fine. This is to ensure backup to overcome disasters/data corruption during the movement.
2. Procedure
   1. Take backup of the current database. Install the same version of Key Manager Plus (as the version of which backup was taken) in the new machine.
   2. Restore the backup data in the new installation.

6. Licensing

There are three license types for ManageEngine Key Manager Plus:

1. Evaluation Version

• Fully Functional
• Valid for 30 days
• Supports upto 50 keys*

2. Free Version

• Valid Forever
• Supports upto 5 keys*

3. Registered Version

• The licensing is based on the number of managed keys*

The term 'Keys' refers to the number of SSH private keys plus SSL certificates plus any other digital key being managed.

Note: Key Manager Plus provides two user roles – Administrator and Operator. For more details on the user roles, refer to this section of our help documentation.

6.1 Apply License File

When you purchase Key Manager Plus, you will get a product license key. You can apply the license key by following the steps below:

1. On the top right hand corner of the GUI, you will find your account information. Click that.
2. Select theLicenseoption.
3. Click theUpdate Licensebutton in theLicense Detailspop-up window.

Upload the license file supplied to you by Key Manager Plus.

For more information, contact sales@manageengine.com

For any assistance, please contact
keymanagerplus-support@manageengine.com / Toll Free: + 1-888-720-9500