Quantum Q-EKM User's Guide download pdf (Page 18)

Overview

Quantum Encryption Key Manager (Q-EKM) Components

Quantum Encryption Key Manager User’s Guide 5

Keystore 1

The keystore is defined as part of the Java Cryptography Extension (JCE)

and an element of the Java Security components, which are, in turn, part

of the Java runtime environment. Q-EKM supports the JCEKS keystore.

The keystore contains:

• The 1024 data encryption keys generated by the Q-EKM server on

which it resides. These keys are used for encrypting and decrypting

tapes.

• Data encryption keys that you imported (for example, keys that other

companies or individuals sent to you). These keys can be used to

decrypt tapes provided by the other parties.

• Your Q-EKM server’s native public certificate.

• Public certificates that you imported from other parties. These are

used to wrap your data encryption keys for transit to another party to

use in decrypting tapes you may have provided to them).

• Public and private keys used for secure communication.

• Metadata (for example, which data encryption keys were used on

which tapes).

The keystore file is named

EKMKeys.jck and is located in the root QEKM

directory as follows:

Windows

c:\Program Files\Quantum\QEKM

Linux

/opt/Quantum/QEKM

Caution: It is impossible to overstate the importance of preserving

your keystore data. Without access to your keystore, you

will not be able to decrypt your encrypted tapes. Please see

Backing Up Keystore and Configuration Data

on page 15

and Disaster Recovery Planning

on page 16 for

information on how to protect your keystore data.

1 2 ... 13 14 15 16 17 18 19 20 21 22 23 ... 92 93

No comments

Quantum Q-EKM User's Guide Page 18