Product Documentation

Generate and export keyfiles for the Encryption Service

Jun 05, 2015
Updated: 2014-08-29

When you install and configure Services Manager platform components or services, the Configuration Tool attempts to discover the presence of the Encryption Service and access the encryption key that was created when you installed the Encryption Service. If the attempt is unsuccessful, the Configuration Tool prompts you to import a keyfile. You can generate and export this keyfile manually through the Encryption Service web site.

To access the Encryption Service web site and generate the keyfile, you must belong to the Domain Admins group or the CortexWSUsers group. If you do not belong to these security groups, the Encryption Service web site prompts you for the appropriate credentials. To generate the keyfile, you supply an encryption password that is at least eight characters long. You enter this password through the Configuration Tool when you import the keyfile.

  1. Using a web browser, navigate to the Encryption Service web site at https://EncryptionServiceFQDN/Encryption. The Export Encryption Key page appears.
  2. In Encryption Password, enter a string that is at least eight characters long.
  3. Click Download and save the keyfile when prompted. The default filename for the keyfile is key.csmk; however, you can save this file with any filename you choose.