Encryption (4.3)

In the Encryption Profile, you make encryption configurations to be used by the Encryption agent.

Configuration

To create a new Encryption profile, open the Configuration tab from the Desktop window, and then select Encryption Profile from the selection list.

Encryption profile

Menus

The contents of the menus in the menu bar may change depending on which configuration type has been selected. The Encryption profile uses the standard menu items and buttons that are visible for all configurations, and these are described in Build View.

The Edit menu is specific for the Encryption profile configurations.

ItemDescription

External References

Select this menu item to enable the use of External References in the Encryption profile configuration. This can be used to configure the following fields:

  • Key
  • KeyStore Path
  • Keystore password
  • Key Name
  • Key Password

For further information, see Using External Reference in Agent Profile Fields and External Reference Profile.

Settings

You have two options for configuring your keys; Directly Configured Key, and Read Key from Keystore.

Directly Configured Key

The following settings are available when selecting the Directly Configured Key option:

SettingDescription

Key

Enter a key manually, or click on the Random button to generate a random key.
Algorithm

Select which algorithm you want to use, AES-128 or AES-256 are supported.

Note!

In order to use AES-256, you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction 
Policy Files on the EC in order to run the workflow. See http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
for further information.

Read Key from Keystore

If you want a key to be read from a specific keystore, it must be a JCEKS keystore.

Example - How to create a symmetric crypto key

$ keytool -keystore test.ks -storepass password -storetype jceks -genseckey -keysize 128 -alias testkey -keyalg AES

The following settings are available when selecting the Read Key from Keystore option:

SettingDescription

Keystore Path

Enter the location of the JCEKS type keystore where the key is accessible. 
Keystore PasswordEnter the associated keystore password. 
Key NameEnter the key name.
Key PasswordKey Password is an optional field. You can enter the key password, or if you leave this field empty, the Keystore Password is the default.Â