HOW TO: Backup the Organization Key on Encryption Management Server
|Article:HOWTO42046|||||Created: 2009-03-04|||||Updated: 2013-10-23|||||Article URL http://www.symantec.com/docs/HOWTO42046|
This article details how to backup the Organization Key for your Encryption Management Server (previously PGP Universal Server). The Organization Key is used to sign all user keys and to encrypt server backups.
As all backups are encrypted with the your Organization Key, it is extremely important to back up your Organization Key. If you lose your Organization Key and have not backed it up, you cannot restore from backups encrypted to the Organization Key.
Each Encryption Management Server is pre-configured with a unique Organization Key generated by the Setup Assistant. If you would like to use different settings for this key, you can regenerate the key with the settings you prefer. This should only be done prior to live deployment of the server or creation of user keys by the server.
The Organization Key automatically renews itself one day before its expiration date including all of the same settings.
The Organization Key can be backed up during the initial installation of the server or by exporting the key from the PGP Universal Server interface.
To backup your Organization Key
- Log into the Encryption Management Server administrative interface.
- Click the Keys tab and then click Organization Keys.
- Select your Organization Key. The information of your key is displayed.
- Click Export.
- Select Export Keypair then click Export Keypair.
Note: It is important to export the full keypair with no passphrase. Entering the passphrase will cause any restore process to fail.
- Click Save and choose a location for your key.
Article URL http://www.symantec.com/docs/HOWTO42046