Exporting Encryption Certificates

To receive encryption keys from another SKM server, you must first send your SKM server's native encryption certificate to that server. The public key contained in the native encryption certificate will be used to wrap (encrypt) the encryption keys to protect them during transport to you.

NOTE: This function is available to users with Administrator-level privileges and only applies to SKM servers. Since the native encryption certificate is the same for both servers in an SKM server pair, you may export it when only one SKM server is connected/operational.

To export an encryption certificate:

1. Before starting this process, read and follow the sequence of steps outlined in Sharing Encrypted Tape Cartridges.
2. From the Tools menu, select EKM Management > Encryption Certificate > Export.
3. Click Apply to export your SKM server's native encryption certificate.

4. The Progress Window displays. The Progress Window contains information on the action, elapsed time, and status of the requested operation. Do one of the following:

   • If Success displays in the Progress Window, the encryption certificate was exported successfully. Go to the next step.
   • If Failure displays in the Progress Window, the encryption certificate was not exported successfully. Follow the instructions listed in the Progress Window to resolve any issues that occurred during the operation.
5. Click Close to close the Progress Window.
6. In the File Download dialog box that displays, click Save.
7. In the Save As dialog box that opens, choose a location in which to save the file, then click Save.

See also:

• About Library Managed Encryption
• Sharing Encrypted Tape Cartridges
• Importing Encryption Certificates
• Importing Encryption Keys
• Exporting Encryption Keys