Creating a sensitive data key (Entrust nShield)

You can use the following tools to create sensitive data keys for Entrust nShield:

  • generatekey command-line utility
  • KeySafe UI tool

To create a sensitive data key using the generatekey command-line utility, run the following command:

generatekey -g custom protect=module type=AES plainname="plain_name" size="128" blobsavefile="blob_filename.blob" nvram="no" seeintegname=""

where:

  • plain_name is the desired key name.
  • blob_filename is the desired file name for the BLOB.

This command creates the BLOB file in the current directory. It also generates the following file: blob_filename_inf.txt

This file contains important information about the key. Some of this information (e.g. the key hash) must be provided during the configuration phase of the installation, i.e. via the Configuration Wizard.

For more information about the configuration phase of installation, see Configuring OneSpan Authentication Server (advanced installation).