Workers Key Generation Page
A new key-pair can be generated and its name stored as the next key in the configuration.
Make sure that each worker that should have a new key-pair generated is selected.
Work from left to right for each worker and specify the required information.
Renew Keys
Column | Description |
---|---|
Signer | Name of the worker. Click the link to view the worker's page. |
Old Key Alias | The name of the current key (if any). This is stored in the configuration as the DEFAULTKEY property. |
Key Algorithm | Name of the key algorithm to use for the new key. By default, key algorithms can be selected from a drop-down list with the common options (RSA, ECDSA, and AES). To manually specify another value, click >. Examples: RSA, ECDSA, AES. The value will be preselected with the value of the KEYALG property specified in the worker. If generating a symmetric (secret) key and the specified key algorithm name is not present in the predefined list of known secret key algorithms, the key algorithm name must be specified with the prefix "SEC:", for example: SEC:Blowfish. Currently, the secret key list contains the algorithms AES and DES. If the worker references the P11NGCryptoToken, the algorithm name can be specified as a long or hexadecimal constant value. For more information, see Secret Key generation in P11NGCryptoToken. |
Key Specification | Parameters for the key generation process. By default, the key specification can be selected from a drop-down list with common values, depending on the key algorithm selected. To manually specify another value, click >. Note that some key specifications presented might not be supported by the crypto token being used. For RSA this should be the key length and for ECDSA the name of the curve. Examples: 2048, 3072, secp256r1. The value is already set if the worker has a KEYSPEC property specified. |
New Key Alias | The name for the new key to generate. |
Actions
Action | Description |
---|---|
Generate | Performs the key generation for each selected worker. The result of the key generation is written out in the Result column. If all key generations was successful the page is automatically switched back to the previous otherwise the page remains and the user has the ability to try again. |
Cancel | Returns to the previous page. |