Creating a key encryption key (Entrust nShield)
Key encryption keys are used to encrypt and protect other cryptographic keys.
To create a key encryption key (Entrust nShield)
- Open a terminal window.
-
Start the OneSpan Key Management Tool for Entrust nShield, by default /opt/vasco/ias/bin/manager-xc.
- Select an HSM ID to use for the key creation process.
- Insert the administrator or operator card into a card slot.
- Enter the ID of the slot in which the administrator/operator card is inserted.
- Select option 3, i.e. (3) Generate a Key Encryption Key.
The OneSpan Key Management Tool for Entrust nShield will walk you through the configurations of the key encryption key.