Defining Algorithm Keysets

Access the Algorithm Keyset page (PeopleTools > Security > Encryption > Encryption Algorithm Keysets).

Choose an algorithm ID or description to view the keyset of any algorithm in the database.

Each row displays a key value. You can add, modify, or remove key values.

Field or Control	Description
Keyset ID	Enter a name for the key value in the current row. Each row must have a unique keyset ID for this algorithm.
Use Certificate Store Value	This option enables you to take advantage of key values already stored in the PeopleSoft keystore. Select a certificate alias from the keystore, then indicate whether the alias represents a certificate or a private key. Important! The certificate must be a local node certificate. Warning! Certificates in the PeopleSoft keystore are in standard X.509 format, which is compatible for use with the internal and OpenSSL algorithms, but is not compatible with the PGP encryption library. If you're defining the keyset for a PGP algorithm, you must select the Use Entered Value radio button.
Use Entered Value	Select this option to use key values that aren't in the PeopleSoft keystore. Enter a key value that's formatted appropriately for the algorithm that you're configuring. This value will be entered into the PET keyset table, not the PeopleSoft keystore. See Understanding the Supported Algorithms. Note: The key value that you enter here is stored in the PET keyset table using a combination of the algorithm ID and the keyset ID as its identifier. Because this combination is unique for each algorithm, you can create identically defined keyset rows for multiple algorithms.

Field or Control

Description

Keyset ID

Enter a name for the key value in the current row. Each row must have a unique keyset ID for this algorithm.

Use Certificate Store Value

This option enables you to take advantage of key values already stored in the PeopleSoft keystore. Select a certificate alias from the keystore, then indicate whether the alias represents a certificate or a private key.

Important! The certificate must be a local node certificate.

Warning! Certificates in the PeopleSoft keystore are in standard X.509 format, which is compatible for use with the internal and OpenSSL algorithms, but is not compatible with the PGP encryption library. If you're defining the keyset for a PGP algorithm, you must select the Use Entered Value radio button.

Use Entered Value

Select this option to use key values that aren't in the PeopleSoft keystore. Enter a key value that's formatted appropriately for the algorithm that you're configuring. This value will be entered into the PET keyset table, not the PeopleSoft keystore.

See Understanding the Supported Algorithms.

Note: The key value that you enter here is stored in the PET keyset table using a combination of the algorithm ID and the keyset ID as its identifier. Because this combination is unique for each algorithm, you can create identically defined keyset rows for multiple algorithms.