McAfee MEJCAE-AM-DA Product Guide - Page 144
The Key management tab, Field, Command-line equivalent, Use
View all McAfee MEJCAE-AM-DA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 144 highlights
Using the E-Business Server Administration Utility Getting Started with the E-Business Server Administration Utility console The Key management tab Use the Key management tab to establish default settings for the keys and key pairs that E-Business Server creates. Field Default key Default key size Command-line equivalent ebs --default-key (Works for next signing only.) ebs --key-gen --key-size See • DEFAULT-KEY on page 93 • KEY-SIZE on page 99 • key-gen on page 124 Default key type ebs --key-gen --key-type Default key export format ebs --key-export • KEY-TYPE on page 100 • key-gen on page 124 • EXPORT-FORMAT on page 95 • key-export on page 123 Use fast key-generation ebs --key-gen method --fast-key-gen • FASTKEYGEN on page 95 Generate sign-only keys ebs --key-gen --sign-only by default • SIGN-ONLY on page 105 • key-gen on page 124 Question prompt for key reconstruction ebs --reconstruct -data [--question ...] • QUESTION on page 102 • reconstruct-data on page 131 Use to Specify a specific key that you want to use for signing. Define a custom key size, in bits. The minimum key size is 1024 bits. The maximum key size is 4096 bits. If you do not specify a key size, E-Business Server uses a key size specified in the configuration file. Note: If you set the Default key type to RSA LEGACY, the maximum key size is 2048 bits. Specify the type of key you want E-Business Server to create by default. Choose from DSS, RSA, and RSA-LEGACY. Specify whether or not you want exported keys to be compatible with earlier versions of E-Business Server (which involves removing newer key features). Choose Compatible to make new keys backward-compatible, or Complete to export keys with all features intact. Turn fast key generation on or off. Select Yes to enable the feature, or No to disable it. With this setting enabled, E-Business Server generates DSS keys using "canned primes" for common key sizes (currently 1536, 2048, 3072, 4096). This speeds up key generation. This option has no effect if you choose RSA or RSA-Legacy for Default key type. Specify that new keys should be for signing only (that is, you will not be able to use them for encrypting data). This option has no effect if you choose RSA-Legacy for your Default key type. Specify five questions that E-Business Server will associate with any keys it generates. These keys are for later key reconstruction, if necessary. Users must answer three of the five questions in order to reconstruct their keys. Question can be up to 95 characters in length. E-Business Server™ 8.6 Product Guide 142