15 Key Ring Support

Cryptography keys may be used to provide a signature or credentials to a request so that the system recognizes that the request comes from a trusted party. Keys may also be used to encrypt or decrypt files shared between two parties.

The Key Ring object is provided to reference the keys that are used over time for a given business use case. Only one key or key pair may be active at any given time.

The following sections include information about the functionality provided to support different key ring classes for particular use cases.

• RSA Signature Keys
• File Signing Keys
• OAuth Keys
• PGP File Encryption Keys

Maintaining Key Rings

The Key Ring maintenance function from the Administration menu is used to add, modify, and remove key ring definitions.

See Understanding Key Rings in the online help provided with your service for information about managing key rings.

Generating Keys

Once the Key Ring is defined it must have at least one activated key pair. To generate a key pair, use the Generate Key button.

See Understanding Key Rings in the online help provided with your service for information about generating key pairs.

Once generated the key ring will appear in the Key Pairs zone with the appropriate fingerprint. To activate the key pair, use the Activate button to enable the key. It is recommended to only have one pair active for each key ring at most at any time. It is possible to support multiple, but this is not good security practice. Use the View under the Public Key column to view and pass on the public part of the key.

Note:

The private key is not visible from the product in line with security standards.

Using Key Rings

Key rings can be used within numerous objects within the product. Refer to the documentation for those objects on how to connect key rings. Once connected the object will appear in the Key Ring References zone.