beautypg.com

Setting group permissions for a key, Downloading an rsa key, Deleting a key – HP Secure Key Manager User Manual

Page 44: Authorization policy procedures, Creating an authorization policy, Deleting an authorization policy, User and group procedures, Creating a user

background image

7.

To make the key exportable on from non-FIPS SKM, select Exportable. An exportable key can

be exported by its owner and by members of a group with “Export” permission for the key. An

exportable global key is exportable by all users.

8.

Paste the key bytes in the Key field. Asymmetric keys must be imported in PEM-encoded ASN.1

DER-encoded PKCS #1 format, and both the public and private keys must be imported. Symmetric

keys must be in Base 16 format, and in the case of DES keys, parity bits must be properly set.

NOTE:

The server will not import keys that are known to be weak, such as 64 bit DES. In addition,

the parity bits must be set properly; otherwise, the server returns an error.

9.

Click Import.

Setting group permissions for a key

Prior to setting group permissions, you must create a group. If your group permissions will use an

authorization policy, you must also create that authorization policy before continuing.
To set the group permissions for a key:

1.

Log in to the Management Console as an administrator with Keys and Authorization Policies access

control.

2.

Navigate to the Keys section of the Key and Policy Configuration page (Security > Keys). Select the

key for which you want to create permissions.

3.

Navigate to the Group Permissions section on the Permissions tab.

4.

Click Add.

5.

Enter a group name in the Group field.

6.

Select Always or choose an Authorization Policy for the export operation.

7.

Click Save.

8.

Click Add to create permissions for additional groups.

Downloading an RSA key

To download an RSA key:

1.

Log in to the Management Console as an administrator with Keys and Authorization Policies access

control.

2.

Navigate to the Keys section of the Key and Policy Configuration page (Security > Keys). Select

the RSA key.

3.

Navigate to the Public Key section.

4.

Click Download Public Key to download the public portion of the RSA key.

Deleting a key

To delete a key:

1.

Log in to the Management Console as an administrator with Keys and Authorization Policies access

control.

2.

Navigate to the Keys section of the Key and Policy Configuration page (Security > Keys).

3.

Select the key and click Delete.

44

Performing configuration and operation tasks