Configure the 128-bit encryption key

After the HTTPS certificate is configured through the Edge Encryption proxy installer, configure the AES 128-bit encryption key. Use the encryption key to encrypt your data.

About this task

The encryption key is either a plain text file inside the /keys directory or a secret key inside a keystore. If you use a keystore for your 128-bit and 256-bit encryption keys, they must both use the same keystore.

Procedure

  1. Select the location to store the encryption key.
    • File Store: Use a file to store a single encryption key. Use an existing file in the /keys directory or generate a new file. To generate a new file, enter an alias and click Generate. A file containing an encryption key is created.
      Note: This step selects both the key storage and the encryption key. If File Store is selected, click Next and go to step 5.
    • Create New Java KeyStore: Create a keystore to store the encryption key.
    • Java KeyStore File: Store the encryption key in an existing Java KeyStore file.
  2. Click Next.
  3. Select or create the encryption key.
    • New Key: Create an encryption key and alias.
      Note: The alias name (key name, key alias) must use lowercase letters and numbers, per Java KeyStore requirements. To find out more about the keytool utility, see the Java SE Documentation.
    • Use Existing Key: Use an existing encryption key in the selected keystore.
    • Import Existing Key: Import an encryption key from a different keystore.
  4. Click Next.
  5. Configure the key on the instance according to the requirements defined in your installer.
    To configure the key on the instance, navigate to the instance and define a default key. See Configure encryption keys on the instance. Ensure that the key alias, size, and type match the requirements defined in the installer.
    Figure 1. Default key requirements
  6. Once the key is configured on the instance, return to the installer and click Next.