Previous Topic: Reset the r6.x Policy Store Encryption KeyNext Topic: Configure Agent Key Generation

Policy Server GuidesPolicy Server Administration GuideConfiguring and Managing Encryption KeysReset the r12.x Policy Store Encryption Key

Reset the r12.x Policy Store Encryption Key

Follow these steps:

  1. Log in to the Policy Server host system.
  2. Stop the Policy Server.

    Note: Stop all Policy Servers pointing to the policy store before changing the encryption key.

  3. Export a full-backup of the policy store contents using XPSExport

    xpsexport <filename> -xb –npass

    or (for encrypted output)

    xpsexport <filename> -xb –pass <password>

  4. Export the Agent Keys using smkeyexport (clear-text option is required)

    smkeyexport –o <filename> -d<sm admin name> -w<smadmin password> -c

  5. Change the policy store encryption key

    smreg –key <new key>

  6. Reset and test the policy store password using SmConsole

    Use the "Data" tab of SmConsole to re-enter the previously configured password, apply the change and then use the "Test Connection" button to verify.

  7. Import the policy store contents using XPSImport using export taken in Step 3.

    xpsimport <filename> –fo –pass <password>

    or (if no password was used to create the export file):

    xpsimport <filename> –fo –npass

  8. Import the Agent Keys using smkeyimport (clear-text option) using export taken in Step 4.

    smkeyimport –i<filename> -d<sm admin name> -w<sm admin password> -c

  9. Restart the Policy Server.

The policy store encryption key is reset.