Previous Topic: Use the Administrative UI to Re-encrypt a Shared Secret

Next Topic: Re-encrypt Policy and Key Store Data

Use smreghost to Re-encrypt a Shared Secret

To use smreghost to re-encrypt a shared secret

  1. Open a command prompt and run the following command:
    smreghost -i policy_server_ip_address -u administrator_user_name
    -p administrator_password -hn hostname_for_registration -hc host_config_object
    -f path_to_host_config_file -o -cf MIGRATE
    

    smreghost re-registers the trusted host and creates a new shared secret that is encrypted using FIPS-approved algorithms.

  2. Open the file that contains the trusted host registration data and verify that a new shared secret is present and prefixed with a FIPS-approved algorithm.

    The shared secret is encrypted using FIPS-compliant algorithms.

    Prefix example: {AES}

You may now re-encrypt sensitive policy and key data in the policy store.


Copyright © 2010 CA. All rights reserved. Email CA about this topic