beautypg.com

Clone key, 36 create key section components – HP Secure Key Manager User Manual

Page 119

background image

Table 36 Create Key section components

Component

Description

Key Name

This is the name that the server uses to refer to the key. The key name must begin with

a letter, must be between 1 and 64 characters (inclusive), and can consist of only

letters, numbers, underscores (_), periods (.), and hyphens (-).

Owner Username

You do not have to specify an owner for the key; if you leave that field blank, the

imported key is a global key and therefore accessible to all users. If you want to

assign an owner for the key, you can specify any valid user in the Owner Username

field. If you assign an owner, then that user is the only user who can access the key

(unless the key is given additional group permissions later).

Algorithm

The algorithm might be any one of the following:

AES-256

AES-192

AES-128

DES-EDE-168 (three key triple DES)

DES-EDE-112 (two key triple DES)

DES

RC4-128

RC4-40

HmacSHA1

RSA-2048

RSA-1024

RSA-512

NOTE:

Some of the algorithms listed above will not be available on FIPS-compliant

devices.

Deletable

A check mark in the box indicates that the key is deletable via an XML request by

the key owner (or any user for global keys). After a key is created, this value may

be changed.

Exportable

A check mark in the box indicates that the key is exportable via an XML request.

An exportable key can be exported by its owner and by members of a group with

“Export” permission for the key. (A global key marked exportable can be exported by

any user.) After a key is created, this value may be changed.

Versioned Key Bytes

When selected, the key contains multiple versions, up to a maximum of 4000. Each

key version has unique key bytes, but shared key metadata (key name, algorithm,

permissions, etc. The first key version is created when the key is created. Additional

key versions may be created later using the Key Versions section.

Copy Group

Permissions From

Select an existing key to copy its group permissions. The new key and the existing

key must be of compatible types; specifically, they must both use RSA, both use

HmacSHA1, or they may use either AES, DES, or RC4.

Create

Click Create to create the key.

Clone Key

Use this section to assign the key bytes and key metadata from an existing key to a new key. You can

choose to copy or ignore the existing group permissions and custom attributes. You can also use this

section to create a versioned key from a non-versioned key.

Secure Key Manager

119

See also other documents in the category HP Storage: