You can configure CA ControlMinder to use a password-protected server certificate; if you do, CA ControlMinder uses a specified password to protect the private key for the server certificate. CA ControlMinder stores the password in the crypto.dat file in the ACInstallDir/Data/crypto directory, where ACInstallDir is the directory in which you installed CA ControlMinder. The crypto.dat file is hidden, encrypted, read-only, and protected by CA ControlMinder. If CA ControlMinder is stopped, only the superuser can access the password.
If you create a password-protected server certificate, sechkey does not encrypt the certificate. If you create a server certificate that is not password-protected, sechkey encrypts the certificate using AES256 and the CA ControlMinder encryption key.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|