Work with Key Management
Key management involves securely storing tenant user credentials and tenant ID credentials in a database. When these credentials are stored, they are encrypted before being saved to ensure their security.The encryption process uses specific keys, which are managed through the key management system.
Key management not only facilitates the encryption of data but also supports key rotation. You can schedule key rotation to occur automatically every 30 days(or as per requirement), or you can manually rotate the keys as needed. This indicates that the keys used to encrypt credentials, such as those belonging to tenant users, are periodically updated to improve security. By storing these credentials in an encrypted format, key management ensures that sensitive information remains protected in the database.
Prerequisite:
Ensure that AEUI is in Maintenance Mode
Version
Here you can rotate the key which would be applicable for all tenants.
To use key management the version needs to be 2.0
-
If current version is not 2.0 you can click Upgrade to v2.0. The Enable Key Management v2.0 dialog appears.
-
Click Enable v2.0. The master password dialog appears.
-
You cannot revert to v1.0 once you have upgraded to v2.0.
Figure 83: Key management Rotate keys
Master Password
Storage
-
Click the Master Password tab. The Master Password page appears.
-
A checkbox is provided to enable the Master Password feature, allowing you to activate the Master Password settings.
-
After enabling the master password settings, you can download the key, which is an AeKey.ask file.
Figure 84: Master Password Storage
Change Master Password
-
Navigate to Settings -> System Settings -> Maintenance Mode, and turn on the switch.System is in maintenance mode.
-
Navigate to Key Management -> Master Password -> Change master password. Change master password screen appears.
| Fields | Description |
|---|---|
| Use system admin password | Enable this toggle if you want to use system admin password as Master Password. |
| Old Master Password* | If you are not using system admin password then enter old master password to reset new password. |
| New Master Password* | Enter the new password you want to set |
| Confirm Master Password* | Re-enter new password |
| Change | Click if you want to change password |
| Reset | Click if you want to reset password |
Figure 85: Change Master Password
-
Once the password is changed, turn off the maintenance mode.
The Master Password is required the first time you start the AutomationEdge server. After restarting the Tomcat server, you will be prompted to enter the Master Password upon logging in.