In the Encryption Profile, you make encryption configurations to be used by the Encryption agent.

Configuration

To create a new Encryption profile, click the New Configuration button in the upper left part of the Desktop window, and then select Encryption Profile from the menu.

Encryption profile

Menus

The contents of the menus in the menu bar may change depending on which configuration type that has been opened in the currently displayed tab. The Encryption profile uses the standard menu items and buttons that are visible for all configurations, and these are described in 2.1 Menus and Buttons.

The Edit menu is specific for the Encryption profile configurations.

Item

Description

External References

Select this menu item to enable the use of External References in the Encryption profile configuration. This can be used to configure the following fields:

Key
KeyStore Path
Keystore password
Key Name
Key Password

For further information, see 8.11.4 Using External Reference in Agent Profile Fields and 8.11 External Reference Profile.

Settings

You have two options for configuring your keys; Directly Configured Key, and Read Key from Keystore.

Directly Configured Key

The following settings are available when selecting the Directly Configured Key option:

Setting	Description
Key	Enter a key manually, or click on the Random button to generate a random key.
Aglorithm	Select which algorithm you want to use; either AES-128 or AES-256. Note! In order to use AES-256, you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files on the EC in order to run the workflow. See http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html for further information.

Read Key from Keystore

If you want a key to be read from a specific keystore, it must be a JCEKS keystore.

Example - How to create a symmetric crypto key

$ keytool -keystore test.ks -storepass password -storetype jceks -genseckey -keysize 128 -alias testkey -keyalg AES

The following settings are available when selecting the Read Key from Keystore option:

Setting	Description
Keystore Path	Enter the location of the JCEKS-type keystore from which you want to read the key.
Keystore Password	Enter the relevant keystore password.
Key Name	If required, enter the key name.
Key Password	The Key Password fields is optional. You can enter the key password, or if you leave this field empty, the Keystore Password is the default.

Next:

9.23.3 Encryption Agent Configuration

Browser not supported