Verify your environment meets these requirements.
Supported hardware
- KMES Series 3, application version
6.3.1.3 or later, with initial setup completed (including loading a Platform Master Key and network configuration).
Supported operating systems
- Linux (Ubuntu, Debian, and Red Hat-based distributions)
Required access
- An account on the KMES with administrator permissions to create roles, identities, TLS PKI, and update system settings.
- Local administrator/root access on the Linux server where Ansible Vault is installed.
Network and firewall
- Allow outbound TCP port 2001 (default Host API port) from the server running Ansible Vault to the KMES Series 3, specified by FQDN (for example,
kmes.example.com) or CIDR (for example, 10.0.0.0/24).
TLS inspection or SSL proxies can break mutual TLS handshakes. Exempt the KMES FQDN(s) from inspection. Configure the KMES Series 3 with an FQDN so the exemption applies.
Other
- OpenSSL (
v3.0 or newer)
- OpenSSH server
- Ansible
