Black Box EncrypTight, ET0010A, ET0100A, ET1000A

10 EncrypTight User Guide

Table of Contents

Changing the EncrypTight Keystore Password ...........................................................................266

Changing the ETKMS Keystore Password ..................................................................................266

Changing the Keystore Password on a ETKMS ................................................................... 267

Changing the Keystore Password on a ETKMS with an HSM .............................................. 268

Configuring the Certificate Policies Extension ...................................................................................269

Working with Certificates for EncrypTight and the ETKMSs ..............................................................272

Generating a Key Pair ................................................................................................................. 272

Requesting a Certificate .............................................................................................................. 273

Importing a CA Certificate ...........................................................................................................274

Importing a CA Certificate Reply .................................................................................................274

Exporting a Certificate .................................................................................................................275

Working with Certificates and an HSM...............................................................................................275

Configuring the HSM for Keytool .................................................................................................275

Importing CA Certificates into the HSM.......................................................................................276

Generating a Key Pair for use with the HSM...............................................................................276

Generating a Certificate Signing Request for the HSM ...............................................................277

Importing Signed Certificates into the HSM.................................................................................277

Working with Certificates for the ETEPs ............................................................................................277

Understanding the Certificate Manager Perspective ...................................................................278

Certificate Manager Workflow .....................................................................................................279

Working with External Certificates ...............................................................................................279

Obtaining External Certificates..............................................................................................279

Installing an External Certificate............................................................................................280

Working with Certificate Requests...............................................................................................281

Requesting a Certificate........................................................................................................281

Installing a Signed Certificate................................................................................................283

Viewing a Pending Certificate Request.................................................................................283

Canceling a Pending Certificate Request .............................................................................284

Setting Certificate Request Preferences ...............................................................................284

Managing Installed Certificates ...................................................................................................285

Viewing a Certificate .............................................................................................................286

Exporting a Certificate...........................................................................................................286

Deleting a Certificate.............................................................................................................287

Validating Certificates ........................................................................................................................287

Validating Certificates Using CRLs..............................................................................................287

Configuring CRL Usage in EncrypTight and the ETKMSs .......................................................... 288

Configuring CRL Usage on ETEPs ............................................................................................. 288

Handling Revocation Check Failures .......................................................................................... 289

Validating Certificates Using OCSP ............................................................................................289

Enabling and Disabling Strict Authentication .....................................................................................292

Removing Certificates ........................................................................................................................293

Using a Common Access Card ..........................................................................................................294

Configuring User Accounts for Use With Common Access Cards ..............................................295

Enabling Common Access Card Authentication..........................................................................295

Handling Common Name Lookup Failures.................................................................................. 297

Chapter 21: ETEP Configuration ........................................................................................... 299

Identifying an Appliance ..................................................................................................................... 300

Product Family and Software Version .........................................................................................300

Appliance Name ..........................................................................................................................300

Throughput Speed.......................................................................................................................301