Network Time Protocol Server Configuration
Proper time synchronization on the CipherTrust Manager appliance is crucial for correct functioning of the following features:
Configuring a Hardware Security Module (HSM) as Root of Trust
External user management protocols such as OpenID Connect (OIDC) or Lightweight Directory Access Protocol (LDAP).
Client connector applications such as Data Discovery and Classification.
Integrations with external clouds such as Google.
We strongly recommend configuring at least one Network Time Protocol (NTP) Server for the CipherTrust Manager immediately after deployment to ensure accurate time synchronization. In general, NTP Server configuration ensures that communications between a CipherTrust Manager and any external entity will work.
Add an NTP Server
For authenticated NTP servers, you must provide an encryption key. Otherwise, the IP address or hostname is sufficient.
In the CLI:
ksctl ntp servers add --host <NTP_server_host_or_IP_address> --key <encryption_key_material>
In the UI:
Navigate to Admin Settings > NTP.
Enter in an NTP Server hostname.
For an authenticated NTP Server, enter in a symmetric key value in the NTP Key field.
Click the +Add NTP Server button.
Delete an NTP Server
In the CLI:
ksctl ntp servers add --host <NTP_server_host_or_IP_address>
In the UI:
Navigate to Admin Settings > NTP.
View the Configured NTP Servers, and find the server you wish to delete.
Click the trash can icon to the right of the server hostname or IP address.