Configuring the Certificate Policies Extension

./HSMPwdChg.sh

The script will print out the new value of the password. Make note of this value.

5Change the password for the Security Officer role by typing: ctkmu p -O

You will be prompted for the value of the old password and then for the value of the new password.

6Change the password for the User role by typing: ctkmu p

You will be prompted for the value of the old password and then for the value of the new password.

NOTE

The documentation provided by the manufacturer of the HSM refers to these passwords as PINs.

Configuring the Certificate Policies Extension

EncrypTight supports the use of the certificate policies extension in certificates. CAs use this extension to indicate the purposes for which a certificate was issued, for example, digitally signing e-mail or encryption. If a certificate is being used for a purpose that is not indicated by the extension, it can be rejected.

In a certificate, the certificate policies extension indicates the purposes for which a certificate was issued with one or more registered Object Identifiers (OIDs), which are values that can vary by organization and industry. If the CA that issues the certificate does not want to limit the purposes for which the certificate can be used, they can use a special OID that indicates it can be used for any policy.

If your organization uses the certificate policies extension in certificates, you need to specify the OIDs that will be accepted by the EncrypTight software, the ETKMSs, and each ETEP before you begin requesting and installing certificates. The OIDs are ignored until you enable strict authentication.

You can configure the certificate policies extension for ETEPs on the Advanced tab of the Appliance Editor. The changes do not take effect until you push the configurations to the ETEPs.

To configure the certificate policies extension for ETEPs:

1In Appliance editor for the ETEP, click the Advanced tab.

2Click Enable Policy Extensions.

3Click Add.

4In the Certificate Policy Extension editor, type the OID that you want to add and click OK.

If you make a mistake, select the OID in the list and click Modify to change it.

If you need to remove an OID, select it and click Delete.

5Repeat steps 3 and 4 for each OID you need to add.

6Click Save.

EncrypTight User Guide

269

Page 268
Image 268
Black Box ET1000A, ET0010A, EncrypTight manual Configuring the Certificate Policies Extension, Click Enable Policy Extensions

EncrypTight, ET0100A, ET0010A, ET1000A specifications

The Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are advanced solutions designed for secure data transmission and network management, catering to modern enterprise needs. These tools integrate cutting-edge technologies to enhance connectivity, security, and efficiency within various environments.

The Black Box ET1000A is primarily a high-performance Ethernet over Twisted Pair (EoTP) solution. It enables users to extend Ethernet signals over long distances using existing twisted-pair cabling without sacrificing speed or reliability. With support for speeds up to 100 Mbps, this device is ideal for organizations looking to upgrade their existing infrastructure without extensive rewiring. Key features include plug-and-play installation, which simplifies deployment, and versatile compatibility with both legacy and modern ethernet networks.

The ET0010A model takes connectivity a step further by providing seamless integration with fiber optics. This device supports transmission distances that far exceed traditional copper solutions, making it a perfect fit for larger facilities or multi-building campuses. Its built-in Ethernet switch enhances network efficiency by providing multiple ports for device connectivity, thus facilitating greater data flow.

EncrypTight technology is a notable feature across these Black Box models, offering advanced encryption capabilities to safeguard sensitive data during transmission. With military-grade encryption protocols, EncrypTight ensures that corporate information remains secure from potential eavesdroppers. This technology is essential for businesses operating in regulated industries or that handle confidential customer information.

The ET0100A model combines intelligence with monitoring features to provide users with comprehensive network insights. It boasts built-in diagnostic tools that enable IT professionals to troubleshoot issues quickly and efficiently. Additionally, it features real-time performance monitoring, allowing users to analyze bandwidth usage and optimize network performance accordingly.

In conclusion, the Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are powerful tools that embody the latest in data transmission and network management technologies. With their unique features—including extended connectivity capabilities, robust encryption technologies, and real-time monitoring solutions—these devices cater to the growing demands of businesses seeking to enhance their network infrastructure while ensuring robust security and efficiency. Integrating these tools into any organization’s operations can fundamentally improve both performance and data protection, making them indispensable in today’s digital landscape.