Previous Topic: Options for Re-encrypting Policy and Key Store Data

Next Topic: Re-encrypt the Policy Store Data

Re-encrypt Keys Stored in the Policy or Key Store

You re-encrypt the keys stored in the policy or key store to replace the existing keys with versions that are encrypted using FIPS-compliant algorithms.

To re-encrypt the keys stored in the policy or key store

  1. Open a command prompt from the computer hosting the Policy server and run the following command:
    smkeyexport -dadmin_name -wadmin_password -ooutput_file_name -l -v -t -cf
    

    smkeyexport exports an smdif file that contains the re-encrypted keys.

  2. Run the following command:
    smkeyimport -iinput_file_name -dadmin_name -wadmin_password -l -v -t -cf
    

    smkeyimport imports the re-encrypted keys into the respective store.

You may now re-encrypt policy store data.


Copyright © 2010 CA. All rights reserved. Email CA about this topic