Encryption Profile

In the Encryption Profile you make encryption configurations to be used by the Encryption agent.

Configuration

To create a new Encryption profile, click the New Configuration button in the upper left part of the Build View, and then select Encryption Profile from the menu.

Encryption profile

Menus

The contents of the menus in the menu bar may change depending on which configuration type has been opened in the currently displayed tab. The Encryption profile uses the standard menu items and buttons that are visible for all configurations, and these are described in Build View.

The Edit menu is specific for the Encryption profile configurations.

ItemDescription

External References

Select this menu item to enable the use of External References in the Encryption profile configuration. This can be used to configure the following fields:

  • Key
  • KeyStore Path
  • Keystore password
  • Key Name
  • Key Password

For further information, see Using External Reference in Agent Profile Fields and External Reference Profile.

Settings

You can opt to choose a key definition using either a Directly Configured key or to Read Key from Keystore. Select the appropriate setting for the profile. 

Directly Configured key

You can enter a custom key in the Key input box or alternatively click on the Random button to automatically generate an entry. Using the Algorithm setting you can choose either the AES-128 or AES-256 cipher.

Read Key from Keystore

The keystore must be a JCEKS keystore.

Example - How to create a symmetric crypto key

$ keytool -keystore test.ks -storepass password -storetype jceks -genseckey -keysize 128 -alias testkey -keyalg AES

The following settings are available:

SettingDescription
KeyEnter the associated directly configured key.

Keystore Path

Enter the location of the JCEKS-type keystore from which you want to read the key. 
Keystore PasswordEnter the relevant keystore password. 
Key NameIf required, enter the key name. 
Key PasswordThe Key Password fields are optional. You can enter the key password, or if you leave this field empty, the Keystore Password is the default.