Dell PowerVault TL4000 Dell PowerVault ML6000 Encryption Key Manager User's - Page 42
Changing Keystore Passwords, Importing Data Keys Using Keytool -importseckey, do not change, keytool
View all Dell PowerVault TL4000 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 42 highlights
abcefghij1234567 ? wrong length abcg0000000000000001 ? prefix is longer than 3 characters If an alias already exists in the keystore, keytool throws an exception and stops. Changing Keystore Passwords Note: Once you have set the keystore password, do not change it unless its security has been breached. The passwords are obfuscated to eliminate any security exposure. Changing the keystore password requires that the password on every key in that keystore be changed individually using the following keytool command. To change the keystore password enter: keytool -keypasswd -keypass old_passwd -new new_passwd -alias alias -keystore keystorename -storetype keystoretype You must also edit KeyManagerConfig.properties to change the keystore password in every server configuration file property where it is specified using one of these methods: v Delete the entire obfuscated password and allow the Encryption Key Manager to prompt on the next startup. v Delete the entire obfuscated password and type the new password in the clear. It will be obfuscated on the next startup. Importing Data Keys Using Keytool -importseckey Use the keytool -importseckey command to import a secret key or a batch of secret keys from an import file. keytool -importseckey takes the following parameters: -importseckey [-v] [-keyalias ] [-keypass ] [-keystore ] [-storepass ] [-storetype ] [-providerName ] [-importfile ] [-providerClass ] [providerArg ] These parameters are of particular importance when importing data keys for the | Encryption Key Manager to serve to the LTO 4 and LTO 5 drives for tape encryption: -keyalias Specifies the alias of a private key in keystore to decrypt all the data keys in importfile. -importfile Specifies the file that contains the data keys to be imported. Exporting Data Keys Using Keytool -exportseckey Use the keytool -exportseckey command to export a secret key or a batch of secret keys to an export file. keytool -exportseckey takes the following parameters: -exportseckey [-v] [-alias | aliasrange ] [-keyalias ] [-keystore ] [-storepass ] 3-12 Dell Encryption Key Mgr User's Guide