Endpoint Encryption

 View Only

  • 1.  Encryption Desktop - Extract Key Expirations

    Posted Jul 30, 2014 02:58 PM

    Hello, 

    Most of our operations are handled via automated schedules using command line interfaces. One concern is that since we do not normally open
    "Symantec Encryption Desktop", we will not know when our keys are set to expire. 


    We wanted to set up an automated process to check the expiration dates and send notification if an expiration is approaching. 

    Is there a way to run a command line command or some other method to extract a key's expiration date? 



  • 2.  RE: Encryption Desktop - Extract Key Expirations

    Broadcom Employee
    Posted Aug 01, 2014 05:05 AM

    Hi erealoews,

    You can use for this purpose a separate product PGP Command line

    PGP Command Line 10.3.2 Release Notes
    http://www.symantec.com/docs/DOC7057

    PGP Command Line 10.3.2 User's Guide
    http://www.symantec.com/docs/DOC7066

    Command like pgp -list-key-details  <username>

    For example:

    Lists all of the keys on your keyrings using the format:

    Key Details: Alice Cameron <acameron@example.com>

    Key ID: 0xB2726BDF (0xAAEB5E06B2726BDF)

    Type: RSA (v4) key

    Size: 2048

    Validity: Complete

    Trust: Implicit (Axiomatic)

    Created: 2003-04-22

    Expires: Never

    You could then right a script to extract all keys with expiry date or about to expiry

    Another method would be to run a seperate script on SEMS server (PSQL script) to search and provide expiry date for the keys from the server/databse

    HTH