Creating a cryptographic key - Security Center 5.9 - 5.12

Digital signatures in Security Center

Applies to
Security Center 5.9 - 5.12
Last updated
2024-01-24
Content type
Guides > Administrator guides
Language
English
Product
Security Center
Version
5.12
5.11
5.10
5.9
Category
Administrator guides

When installing Security Center on a machine, a cryptographic key for digital signatures is generated automatically and stored in the installation folder. If needed, you can generate a new key and set the Archiver and the Auxiliary Archiver to use it.

What you should know

Creating a new cryptographic key is useful in the following cases:
  • To create unique keys for each machine in a deployment with several systems using machine imaging.
  • To replace a key that might have been compromised.
IMPORTANT: Generate and store a new digital signature origin for each new key that you create. The origins are used to validate the digital signatures on video files created using those keys.

Procedure

  1. In the Security Center installation folder, run DigitalSignatureKeyGenerator.exe.
    The program generates two different 1 KB files named fingerprintEddsa.bin and privateEddsa.bin in the installation folder and overwrites any existing files.
  2. In Config Tool, open the System task and click the Roles view.
  3. Select each archiving role that uses digital signatures, and restart it.
  4. If a secondary server is assigned to an archiving role, copy the same cryptographic files to the Security Center installation folder on that server.

Results

Archiving roles with Digital signature enabled will digitally sign video files using the new key.

After you finish

Generate and store the digital signature origin for the new key.