Encryption Profile
In the Encryption Profile you make encryption configurations to be used by the Encryption agent.
Configuration
To create a new Encryption profile, click the New Configuration button in the upper left part of the Build View, and then select Encryption Profile from the menu.
Encryption profile
Menus
The contents of the menus in the menu bar may change depending on which configuration type has been opened in the currently displayed tab. The Encryption profile uses the standard menu items and buttons that are visible for all configurations, and these are described in Build View.
The Edit menu is specific for the Encryption profile configurations.
Item | Description |
---|---|
External References | Select this menu item to enable the use of External References in the Encryption profile configuration. This can be used to configure the following fields:
For further information, see Using External Reference in Agent Profile Fields and External Reference Profile. |
Settings
You can opt to choose a key definition using either a Directly Configured key or to Read Key from Keystore. Select the appropriate setting for the profile.
Directly Configured key
You can enter a custom key in the Key input box or alternatively click on the Random button to automatically generate an entry. Using the Algorithm setting you can choose either the AES-128 or AES-256 cipher.
Read Key from Keystore
The keystore must be a JCEKS keystore.
Example - How to create a symmetric crypto key
$ keytool -keystore test.ks -storepass password -storetype jceks -genseckey -keysize 128 -alias testkey -keyalg AES
The following settings are available:
Setting | Description |
---|---|
Key | Enter the associated directly configured key. |
Keystore Path | Enter the location of the JCEKS-type keystore from which you want to read the key. |
Keystore Password | Enter the relevant keystore password. |
Key Name | If required, enter the key name. |
Key Password | The Key Password fields are optional. You can enter the key password, or if you leave this field empty, the Keystore Password is the default. |