Creating a storage data key (Thales ProtectServer)
After installing a Thales ProtectServer hardware security module, you need to create a secret key to use as the OneSpan Authentication Server storage data key.
Use the Thales ProtectServer Key Management Utility to create a sensitive data key. This requires an administrator logon to the token. Note the token label and key label used.
When creating a storage key, the following key attributes are required:
- Double or triple DES
- Sensitive enabled
- Exportable optional, if key backup in use
- Encrypt enabled
- Wrap and unwrap enabled
- Private optional
- All other options disabled