After you configure the AES 128-bit key through the Edge proxy installer, you can optionally configure an AES 256-bit encryption key to encrypt your data.

Before you begin

Role required: admin

About this task

The encryption key is either a plain text file inside the /keys directory or a secret key inside a keystore. If you use a keystore for your AES 128-bit and AES 256-bit encryption keys, both keys must use the same keystore. If you don’t want to configure an AES 256-bit encryption key, select Skip to continue installing the proxy server.

If you’re updating an SSL certificate on an Edge proxy server, see Update SSL certificate.

Procedure

  1. Select the encryption key location.
    OptionDescription
    File Store Use a file to store a single encryption key. You can use an existing file in the /keys directory, or you can generate a new file. To generate a new file, enter an alias and select Generate. A file containing an encryption key is created.
    Note: This choice designates both the storage location and the encryption key. If you select File Store, select Next and go to step 5.
    Create New Java KeyStore Create a keystore to store the encryption key.
    Java KeyStore File Store the encryption key in an existing Java KeyStore file.
  2. Select Next.
  3. Select or create the encryption key.
    OptionDescription
    New Key Create an encryption key and alias.
    Note: You must use lowercase letters and numbers for the alias name (key name, key alias), according to Java KeyStore requirements. To find out more about the keytool utility, see the Java SE Documentation.
    Use Existing Key Use an existing encryption key in the selected keystore.
    Import Existing Key Import an encryption key from a different keystore.
  4. Select Next.
  5. (Optional) If you want to use AES 256-bit encryption, see Configure the AES 256-bit encryption key.
  6. To use AES 256-bit encryption, you must also configure the AES 256-bit default encryption key on the instance.

    Do this by navigating to the instance and defining a default key. See Configure encryption keys on the instance. Ensure that the key alias, size, and type match the requirements defined in the installer.

  7. After the key is configured on the instance, return to the installer and select Next.