You re-encrypt the keys stored in the policy or key store to replace the existing keys with versions that are encrypted using FIPS-compliant algorithms.
To re-encrypt the keys stored in the policy or key store:
smkeyexport -dadmin_name -wadmin_password -ooutput_file_name -l -v -t -cf
-dadmin_name
    Specifies the name of the SOA Security Manager administrator account.
-wadmin_password
    Specifies the password for the SOA Security Manager administrator account.
-ooutput_file_name
    (Optional) Specifies the name of the exported file. If you do not specify a file name, the default file name is stdout.smdif.
    Note: Ensure that the file name contains the .smdif extension.
    Example: pskeys.smdif
-l
    Specifies that a log file be created.
-v
    (Optional) Enables verbose mode for troubleshooting.
-t
    (Optional) Enables tracing for troubleshooting.
-cf
    Specifies that smkeyexport run in FIPS-migration mode.
    Note: When smkeyexport runs in FIPS-migration mode, the keys stored in the policy store are exported and re-encrypted using FIPS-compliant algorithms.
smkeyexport exports an smdif file that contains the re-encrypted keys.
smkeyimport -iinput_file_name -dadmin_name -wadmin_password -l -v -t -cf
-iinput_file_name
    Specifies the name of the output file you created.
    Note: Ensure that the file name you specify includes the .smdif extension.
-dadmin_name
    Specifies the name of the SOA Security Manager administrator account.
-wadmin_password
    Specifies the password for the SOA Security Manager administrator account.
-l
    Specifies that a log file be created.
-v
    (Optional) Enables verbose mode for troubleshooting.
-t
    (Optional) Enables tracing for troubleshooting.
-cf
    Specifies that smkeyimport run in FIPS-migration mode.
smkeyimport imports the re-encrypted keys into the respective store.
You may now re-encrypt policy store data.
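The two-step procedure above as a shell wrapper, added here as an example (not CA's own script). The function names, the SM_ADMIN and SM_PASS variables, and the assumption that both tools exit non-zero on failure are not from this page; the optional -v and -t options are left out.

```shell
#!/bin/sh
# Added example: wraps the smkeyexport / smkeyimport commands documented above.
# Assumptions: SM_ADMIN and SM_PASS hold the administrator credentials, and
# both tools return a non-zero exit status when they fail.

# Accept only file names that end in .smdif, as the notes above require.
smdif_name_ok() {
    case "$1" in
        ?*.smdif) return 0 ;;
        *) return 1 ;;
    esac
}

# fips_rekey FILE: export the keys in FIPS-migration mode, then import them.
fips_rekey() {
    out=$1
    smdif_name_ok "$out" || { echo "file name must end in .smdif: $out" >&2; return 2; }
    [ -n "$SM_ADMIN" ] && [ -n "$SM_PASS" ] || { echo "set SM_ADMIN and SM_PASS" >&2; return 2; }
    [ ! -e "$out" ] || { echo "refusing to overwrite $out" >&2; return 2; }

    # The export holds key material: create it readable by the owner only.
    old_umask=$(umask)
    umask 077
    smkeyexport "-d$SM_ADMIN" "-w$SM_PASS" "-o$out" -l -cf
    rc=$?
    umask "$old_umask"
    [ "$rc" -eq 0 ] || { echo "smkeyexport failed ($rc); nothing imported" >&2; return 1; }

    # Never import a missing or empty export file.
    [ -s "$out" ] || { echo "export $out is empty; nothing imported" >&2; return 1; }

    smkeyimport "-i$out" "-d$SM_ADMIN" "-w$SM_PASS" -l -cf || {
        echo "smkeyimport failed; keep $out for a retry" >&2
        return 1
    }
}
```

Call it as `fips_rekey pskeys.smdif`; the import step runs only when the export succeeded and produced a non-empty file.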
Copyright © 2011 CA. All rights reserved.