Create a Field Encryption cryptographic module to define the mechanisms used for cryptographic operations.

Before you begin

Role required: sn_kmf.cryptographic_manager or sn_kmf_admin, security_admin, admin

About this task

This procedure describes options that are available with Field Encryption with the base system and additional configuration options that become available with Field Encryption Enterprise functionality. Field Encryption Enterprise is available with a paid subscription. Refer to Encryption and Key Management subscription bundle for supported features and options available with each offering. See Activate Field Encryption for more information on obtaining Field Encryption Enterprise.

Procedure

  1. Navigate to All > System Security > Field Encryption Modules > New.
    Shows new crypto module form for Field Encryption Enterprise.
  2. On the form, fill in the fields.
  3. Click Submit.

    After submitting successfully, your cryptographic module is listed in the Cryptographic Modules table.

    Warning:
    For legacy encryption support users:
    If you're using the non-enterprise version of Field Encryption, you're limited to five modules. If you've exceeded this limit, you receive the following warning:
    This insertion exceeds the number of published modules limit for Field Encryption  entitled with the Subscription Product. The Enterprise subscription for Field Encryption is required for additional modules. Please reach out to your Account team.
    A default cryptographic specification is created with the crypto purpose set to Symmetric Data Encryption/Decryption and the algorithm as AES 256 CBC. Select the algorithm for updates.
  4. To open the configuration options, click the newly created cryptographic module.
    Note: A maximum of five Field Encryption modules are allowed before upgrading to Field Encryption Enterprise. An error message displays and you are prevented from adding additional cryptographic modules. Error message for maximum modules created in FEE.

What to do next

Create a cryptographic specification for Field Encryption.