Symmetric encryption keys protect communication between CA ControlMinder components. You use the sechkey utility to change the symmetric encryption keys. You can use sechkey in interactive or non-interactive mode.
Before you change the symmetric encryption key, note the following limitations:
You must have the ADMIN attribute to use sechkey.
Important! To avoid communication problems, use the same encryption key on all computers that run CA ControlMinder components.
To change the symmetric encryption key
If you are changing the encryption settings on a CA ControlMinder Enterprise Management server, also stop the CA ControlMinder Web Service.
sechkey
The utility prompts you to enter the existing key and the new key, and changes the symmetric encryption key.
If you are changing the encryption settings on a CA ControlMinder Enterprise Management server, also start the CA ControlMinder Web Service.
CA ControlMinder starts and encrypts communication with the new encryption key.
Example: Change the Symmetric Encryption Key in Non-interactive Mode
The following example changes the default CA ControlMinder symmetric key to a new key with the value newkey:
sechkey -d newkey
Note: For more information about the sechkey utility, see the Reference Guide.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|