9.23.2 Encryption Profile
In the Encryption Profile you make encryption configurations to be used by the Encryption agent.
Configuration
To create a new Encryption profile, click the New Configuration button in the upper left part of the Desktop window, and then select Encryption Profile from the menu.
Encryption profile
Menus
The contents of the menus in the menu bar may change depending on which configuration type that has been opened in the currently displayed tab. The Encryption profile uses the standard menu items and buttons that are visible for all configurations, and these are described in 2.1 Menus and Buttons.
The Edit menu is specific for the Encryption profile configurations.
Item | Description |
---|---|
External References | Select this menu item to enable the use of External References in the Encryption profile configuration. This can be used to configure the following fields:
For further information, see 8.11.4 Using External Reference in Agent Profile Fields and 8.11 External Reference Profile. |
Settings
You have two options for configuring your keys; Directly Configured Key, and Read Key from Keystore.
Directly Configured Key
The following settings are available when selecting the Directly Configured Key option:
Setting | Description |
---|---|
Key | Enter a key manually, or click on the Random button to generate a random key. |
Aglorithm | Select which algorithm you want to use; either AES-128 or AES-256. Note! In order to use AES-256, you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction |
Read Key from Keystore
If you want a key to be read from a specific keystore, it must be a JCEKS keystore.
Example - How to create a symmetric crypto key
$ keytool -keystore test.ks -storepass password -storetype jceks -genseckey -keysize 128 -alias testkey -keyalg AES
The following settings are available when selecting the Read Key from Keystore option:
Setting | Description |
---|---|
Keystore Path | Enter the location of the JCEKS type keystore from which you want to read the key. |
Keystore Password | Enter the relevant keystore password. |
Key Name | If required, enter the key name. |
Key Password | The Key Password fields is optional. You can enter the key password, or if you leave this field empty, the Keystore Password is the default. |