Connector Guides › Connectors Guide › Connecting to Endpoints › Microsoft Exchange Connector › Activating CAM and CAFT Encryption

Activating CAM and CAFT Encryption

To install the encryption key, follow these steps:

1. Enter the following command at the command prompt to generate your key file:

   #PATH=`cat/etc/catngcampath`/bin:$PATH
   

   	#export PATH
   	#caftkey -g keyfile password
   

   where:

   keyfile is the name you assign to the key file.

   password is the password you assign to the key file.

   Note: The caftkey command and attributes are the same for Win32 platforms.

2. Install your Public Key on both CAFT Agent and CAFT Admin computers using the previously-generated key file by entering the following command at the command prompt:

   #PATH=`cat/etc/catngcampath`/bin:$PATH
   

   	#export PATH
   	#caftkey -policy_setting keyfile password
   

   • keyfile and password must be the same values you specified in Step 1.-policy_setting is -i, -m, or blank.
   • The policy_setting governs the communication between this computer (the local computer) and other computers that have the CAM and CAFT Service installed, but may or may not have the CAM and CAFT encryption certificates installed.

   Policy -1 (caftkey -i keyfile password)

   The -i option specifies Policy -1. This policy lets computers running previous versions of the CAM and CAFT Service execute commands on this computer and lets this computer execute commands on those computers. Policy -1 encrypts messages if the other computer has these certificates installed. This policy does not encrypt messages if the other computer does not have these certificates installed.

   Policy 1 (caftkey -m keyfile password)

   The -m option specifies Policy 1. This policy prohibits other computers from executing commands on this computer if they are running previous versions of the CAM and CAFT Service without the encryption certificates. This policy also prohibits this computer from executing commands on those computers.

   If both computers have the CAM and CAFT encryption certificates installed, but have different Public Key Files installed when Policy 1 is set, the command requests between the two computers always fail.

   The Blank Option

   The blank option specifies Policy 0. This policy is set if no Public Key File is installed, the CAM and CAFT encryption certificates were not installed properly, or if you do not specify a policy setting when you enter the caftkey command. Policy 0 specifies no encryption.

   Note: The CAM and CAFT Service must already be installed on the computer in your network. For example, to install the encryption key on Linux computers, run the following commands:

   	#tar xvf LINUX_V1.07_20020319_Build230.tar
   	#cd ./cam/scripts
   	#./install
   

3. Recycle the CAM Service on each computer where you install the new Key as follows:

   prompt> camclose              //stop Cam/Caft service and processes
   

   prompt> cam start             //start CAM service and process
   

   Check the Policy setting:

   To see what mode the computer is operating in, look in the following file:

   %CAI_MSQ%\ftlogs\dg000