Creating a sensitive data key (Thales ProtectServer)
After installing a Thales ProtectServer hardware security module and creating a storage key, you need to create a sensitive data key.
Use the Thales ProtectServer Key Management Utility to create a sensitive data key. This requires an administrator logon to the token. The sensitive data key can be created in the same or in a different slot to the storage key created earlier. Note the token label and key label used.
This key should have the following attributes:
- AES
- 128-bit
- Derive
- Sensitive
- Encrypt enabled
- Decrypt enabled
Other attribute settings are optional.