Exporting Encryption Keys

Each SKM server provides a unique encryption key for each tape cartridge that is encrypted. In order for another (i.e., destination) SKM server to read tapes encrypted by your SKM server, you need to export the encryption keys used to encrypt those tapes and send them to the destination server.

NOTE: This function is available to Administrators and only applies to SKM servers. Both SKM servers must be connected and operational in order to export encryption keys.

To export encryption keys:

  1. Before starting this process, read and follow the sequence of steps outlined in Sharing Encrypted Tape Cartridges.
  2. From the Tools menu, select EKM Management > Encryption Key > Export.

    The Tools - Encryption Key Export screen displays.
  3. Assign the encryption certificate with which you will "wrap" (encrypt) the keys by selecting it from the Certificate Name Used For Export drop-down list. The drop-down list contains all of the encryption certificates that you have ever imported onto your SKM server (indicated by the word "imported" in the list).
  4. Select which SKM encryption keys to export from the following options:
  5. Click Apply.

    All the exported keys are saved to a single encryptiton key file.

    The Progress Window displays. The Progress Window contains information on the action, elapsed time, and status of the requested operation.Do one of the following:

  6. A Save As dialog box opens allowing you to save the encryption key file to a location on your computer. Choose a location and click Save.

See also: