Encryption (4.3)
In the Encryption Profile, you make encryption configurations to be used by the Encryption agent.
Configuration
To create a new Encryption profile, open the Configuration tab from the Desktop window, and then select Encryption Profile from the selection list.
Encryption profile
Menus
The contents of the menus in the menu bar may change depending on which configuration type has been selected. The Encryption profile uses the standard menu items and buttons that are visible for all configurations, and these are described in Build View.
The Edit menu is specific for the Encryption profile configurations.
Item | Description |
---|---|
External References | Select this menu item to enable the use of External References in the Encryption profile configuration. This can be used to configure the following fields:
For further information, see Using External Reference in Agent Profile Fields and External Reference Profile. |
Settings
You have two options for configuring your keys; Directly Configured Key, and Read Key from Keystore.
Directly Configured Key
The following settings are available when selecting the Directly Configured Key option:
Setting | Description |
---|---|
Key | Enter a key manually, or click on the Random button to generate a random key. |
Algorithm | Select which algorithm you want to use, AES-128 or AES-256 are supported. Note! In order to use AES-256, you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction |
Read Key from Keystore
If you want a key to be read from a specific keystore, it must be a JCEKS keystore.
Example - How to create a symmetric crypto key
$ keytool -keystore test.ks -storepass password -storetype jceks -genseckey -keysize 128 -alias testkey -keyalg AES
The following settings are available when selecting the Read Key from Keystore option:
Setting | Description |
---|---|
Keystore Path | Enter the location of the JCEKS type keystore where the key is accessible. |
Keystore Password | Enter the associated keystore password. |
Key Name | Enter the key name. |
Key Password | Key Password is an optional field. You can enter the key password, or if you leave this field empty, the Keystore Password is the default. |