Create a new Imperva WAF machine¶
Creating a new machine is the initial step in enabling TLS Protect Cloud to connect directly to application keystores for certificate management. Once you have created machines, you can move on to provisioning certificates to those machines.
Before you begin¶
- IP address or hostname of the Imperva WAF.
- Port number (conditional): required if you're using a port different from 443.
- Credentials: Choose between user credentials or shared credentials.
- User credentials: The account you use must have admin permission.
- Shared credentials: Optionally, you can use shared credentials from your credential provider (CyberArk is the only credential provider currently supported by TLS Protect Cloud). To use this option, first set up the connection to CyberArk.
- API ID and API KEY: retrieve these from your Imperva account.
-
The Imperva Address/Hostname field has a default value "my.imperva.com." Modify this hostname or IP address if your Imperva WAF is different.
-
If your Imperva WAF uses a port other than 443, enter the port number in the Port field.
-
(Optional) From the Credential Type drop-down, select either Enter Credentials or Select Credentials. Only users with the enabled "CyberArk shared credential" capability will see this option.
Important
Your view of credentials may be limited due to your role. System Administrators and PKI Administrators should be able to select any credential, but users with the Resource Owner role are limited to only using the credentials associated with their teams.
Note
- Enter Credentials - Is used to enter your admin credentials manually.
- Select Credentials - Is used to select your shared credentials from CyberArk.
- If you choose Enter Credentials, enter your Imperva WAF admin credentials in the Username and Password fields.
- If choose Select Credentials. From the Credential drop-down, select your shared credentials.
-
Enter your Imperva admin credentials in the Username and Password fields.
Warning
Remember to store your username and password securely when creating a new machine. For security reasons, you will not be able to modify the fields under the "Access" tab without these credentials. This ensures that only authorized individuals can modify these fields.
-
Enter your API ID, previously retrieved from your Imperva account.
-
Enter your API KEY, previously retrieved from your Imperva account.
Info
Creating an API KEY in your Imperva account will also generate an API ID.
-
Click Test Access, then click Create. Note that Create is only enabled if the Test Access is successful.
What's next?¶
-
Now that you have one or more machines created, you can provision certificates to those machines.
-
You can also discover certificates on machines to enable easy tracking of certificates deployed to your machines.