Creating a storage data key (Entrust nShield)

To generate a storage data key, use the OneSpan Key Management Tool for Entrust nShield. This console utility is installed with OneSpan Authentication Server, and can be used to generate (and manage) the following:

  • Storage data keys
  • Transport keys (to decrypt DPX files)

To create a storage data key for Entrust nShield

  1. Open a terminal window.
  2. Start the OneSpan Key Management Tool for Entrust nShield, by default:

    /opt/vasco/ias/bin/manager-xc

  3. Select an HSM ID to use for the key creation process.
  4. Insert the administrator or operator card into a card slot.
  5. Enter the ID of the slot in which the administrator/operator card is inserted.
  6. Select option 2, i.e. (2) Generate a Storage Key.

The OneSpan Key Management Tool for Entrust nShield will walk you through the configuration of the storage data key.

For more information, refer to the OneSpan Authentication Server Framework HSM Key Management for Entrust nShield Guide, included with Authentication Server Framework.