Previous Topic: Configure SNMPv2c and SNMPv3 Trap Destinations

Next Topic: Disable SNMPv1 and SNMPv2c

CA SystemEDGE User GuideAgent ConfigurationSNMPv3 ConfigurationEncrypt the SNMPv3 Configuration File

Encrypt the SNMPv3 Configuration File

SNMPv3 encryption is provided using the encryption (privacy) protocol, DES as the authentication protocol, and SHA using a default CA defined key. The encrypted configuration files can be generated in a central location and shared among several hosts.

For additional security, you can encrypt the SNMPv3 configuration file, sysedgeV3.cf. You must create a clear text version of the file, encrypt it, and install the encrypted file in the appropriate directory.

If you use the optional –L switch, the utility detects the current locale of the console and language catalog if available. If a language catalog is not found, the utility falls back to English as a default language.

To encrypt the SNMPv3 configuration file

  1. Test and validate the syntax in sysedgeV3.cf.
  2. Encrypt sysedgeV3.cf with the following command: 
    se_enc -i sysedgeV3.cf -o sysedgeV3.cf.crypt -m 2 -d 2
  3. Move the clear text sysedgeV3.cf to an archive area.
  4. Rename sysedgeV3.cf.crypt to sysedgeV3.cf.
  5. Copy sysedgeV3.cf to the agent's data directory or apply the file via remote deployment from CA Server Automation manager.

Note: SNMPv3 configuration files can be shared among several hosts.