Video Screencast Help

ADK, WDE Admin & internal users' keys appear as not verified and not trusted on Symantec Encryption Desktop keyring.

Created: 16 Jun 2014 | 5 comments
  1.  The keyring of internal users shows ADK & WDE admin keys as not verified & not trusted, How can these keys appear as trusted & verified automatically?
  2.  When an internal user key is imported, the key should appear as trusted, signed & verified automatically.. How to achieve this??
  • Symantec Encryption Server version: 3.3.2 MP1 (Build 15337)
  • Desktop Version: 10.3.2 MP1 (Build 15337)
Operating Systems:

Comments 5 CommentsJump to latest comment

Alex_CST's picture

I think you need to verify it and trust it BEFORE importing it into the Universal Server.

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

_Adam_'s picture

Hi, Mehmood

Regarding ADK do you know if the key was created with unbound client and upload to Universal ?

Did you try to create an ADK with managed client.

This issue usually happen when the ADK is not signed by organization key and thus not marked as
verified.

In certain situations when ADK is in CKM mode and client is bind to UN with key mode as SCKM or CKM then ADK client can remain 'unverified'

if/when you consider your issue is resolved, please click "Mark As Solution" on a response
Alex_CST's picture

Adam,

Is this tech note now out of date?  It states that you must create the ADK with an unmanaged client

http://www.symantec.com/docs/TECH149215

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

_Adam_'s picture

Hi Alex,

Yes that is right. You must create an ADK with unmanaged client as per KB.

Apoogise .. It was my typo as it should be unmanaged client as oposite to managed client where you can genereate a key and upload a key to PGP UN under AD section but ADK won't work.

if/when you consider your issue is resolved, please click "Mark As Solution" on a response
Mehmood's picture

Thnak  you Adam & Alex,

I had generated the ADK & WDE admin keys on a managed client.

I followed this doc: http://www.symantec.com/business/support/index?page=content&id=TECH149500.

Neither the ADK-Guidelines nor the Admin guide state the usage of unmanaged client to generate ADK

Is there any way that e can mark these keys as verified now?

What are the effects of continuing with these keys marked as unverified?