Using the encryption-settings Tool
The encryption-settings
tool provides a mechanism for interacting with the server’s encryption-settings database.
About this task
Use the encryption-settings
tool to:
-
List the available definitions.
-
Create new definitions.
-
Delete existing definitions.
-
Indicate which definition is the preferred definition.
-
Export definitions to a file for backup purposes and to allow them to be imported for use in other PingDirectory server instances.
To list the available encryption definitions:
Steps
-
To display the set of available encryption settings definitions, use the
encryption-settings
tool with thelist
subcommand.This subcommand does not take any arguments.
Example:
$ bin/encryption-settings list
Result:
For each definition, the result includes the unique identifier for the definition as well as the cipher transformation and key length that is used for encryption and whether it is the preferred definition. See the following example.
Encryption Settings Definition ID: 4D86C7922F71BB57B8B5695D2993059A26B8FC01 Preferred for New Encryption: false Cipher Transformation: DESede Key Length (bits): 192 Encryption Settings Definition ID: F635E109A8549651025D01D9A6A90F7C9017C66D Preferred for New Encryption: true Cipher Transformation: AES Key Length (bits): 128