Requesting and installing encryption certificates - Security Center 5.8

Security Center Administrator Guide 5.8

series
Security Center 5.8
revised_modified
2020-08-17

To authorize a client machine to view encrypted data, you must request an encryption certificate from the client machine. You then install the certificate with the private key locally, and transfer the certificate with the public key to the Archiver responsible for encryption.

Before you begin

There are many ways to request and manage digital certificates. Before you proceed, consult your IT department about your company's policies and standard procedures.

What you should know

The encryption certificate contains a pair of public and private keys. The public key is used by the Archiver to encrypt the private data for a specific client machine. The private key is used by the client machine to decrypt the private data.
Best Practice: The private key should never leave the machine on which it is needed.

Procedure

  1. Log on as a local administrator of the client machine.
  2. Add the Certificates snap-in to your local computer account.
    Installing the certificates in the local computer store gives you more control over the management of private keys.
  3. Follow your company's procedure for requesting and installing the certificate.
  4. If the client is supposed to have access to encrypted data for a limited time, set the certificate's expiry date accordingly.
  5. If you do not plan to run Config Tool from this computer, export the certificate with only the public key to a certificate (.cer) file.
    Save the certificate file to a location that can be accessed from the workstation from which you plan to run Config Tool.