|
|
|
Use the RDEFINE command to define a specific key to CA Top Secret. This command indicates the type of key you want to define. Use this command with an associated PERMIT command for each key and each subsystem.
This command has the following format:
TSS ADDTO(department) CA@BES(BESn.key_type.key_name)
Indicates a CA Top Secret command.
Specifies the ADDTO command. The short form of this command is ADD.
Specifies the department name that owns the BES resources.
Specifies the general resource class for CA Tape Encryption. For keys, this is always CA@BES.
Indicates the BES task number. If you specify BES with no subsystem identifier, the profile applies to all BES subsystems.
Indicates the type of key to define. Options for this parameter are as follows:
Specifies a code book. If you specify this option, the value for the key_name must be defined in the <B2BCodeBooks> section of parmlib.
Specifies a digital certificate key pair. If you specify this option, the value for the key_name must be a digital certificate defined to the security system on a key ring specified in the <B2BKeyrings> section of parmlib.
Specifies a symmetric key. If you specify this option, the value for the key_name must be defined in the <SymmetricKeys> section of parmlib.
Specifies the name of the key. Replace any spaces in the key name with periods.
Example: Define a symmetric key
This example defines a symmetric key named AES256_KEY to BES1 for CA Top Secret. It indicates that you want to control this key on this subsystem.
TSS ADDTO(DEPT01) CA@BES(BES1.KEYSYMM.AES256_KEY)
| Copyright © 2011 CA. All rights reserved. | Tell Technical Publications how we can improve this information |