To manage the encryption keys properly, you must select the appropriate encryption environmental settings in the Edit Encryption Environmental Settings window. After you perform the initial configuration of the encryption environmental settings, you will not be able to change certain settings.
Use the following flowchart and table to determine which encryption environmental settings are correct for your encryption environment.
Settings in the Edit Encryption Environmental Settings window | |||||||
---|---|---|---|---|---|---|---|
Key Management Server | Server Settings | Generate Encryption Keys on Key Management Server | Protect the Key Encryption Key at the Key Management Server |
Delete Internal Encryption Keys at PS OFF |
Disable local key generation | ||
Primary Server | Secondary Server | ||||||
#1 | Disable | Do not specify | Do not specify | Clear | Clear | Clear | Clear |
#2 | Enable | Specify settings | Enable and specify settings | Clear | Clear | Clear | Clear |
#3 | Enable | Specify settings | Enable and specify settings | Select | Clear | Clear | Clear |
#4 | Enable | Specify settings | Enable and specify settings | Select | Select | Clear | Clear |
#5 | Enable | Specify settings | Enable and specify settings | Select | Select | Select | Clear |
#6 | Enable | Specify settings | Enable and specify settings | Select | Select | Select | Select |