ESET Online Help

Search
Select the category
Select the topic

Encryption Key Import

Encryption keys may be imported into the ESET Endpoint Encryption Server (EEE Server) from external ESET Endpoint Encryption Key-Files. For example, suppose an organization already has EEE encryption keys in use within their security system; in that case, it will be logical to use the EEE Server to control and distribute these existing keys more effectively. This can only be done if the keys are first imported into the EEE Server.

To do this the EEE Server and the encryption key holder have to be able to exchange data securely. This is necessary so that the key holder's key can only be used by the EEE Server. If the exchange is intercepted/lost or stolen, the key in the file will be unobtainable (encrypted) and of no use to them. Key transfers are secured by RSA encryption.

The process is as follows, in simple terms:

The EEE Server administrator requests the key from the key holder by generating a special requested file (with a file extension of .DLR)

The key holder then issues the key to the admin, using the request file (.DLR) to encrypt the key. This results in the generation of an update file (.DLU)

The key holder sends this update file to the admin.

Admin updates their Key-File with the update, which adds the key just received from the key holder.

 

For the EEE Server, the process is as follows:

1.In the navigation window, select the Organization root, then the Encryption Key tab, followed by Download Request File.

2.After being present with a file-save dialog, click OK, and the file will be saved where specified (depending on your browser) with the name KeyRequest.dlr.

3.Send this file to the holder of the key you require (by Email or over your network).

4.To issue a key, the holder of the required key will follow the steps below:

a.Right-click the EEE icon in their notification area (also known as System Tray) and select the Key Transfer option.

b.Select Issue a Key to another user, then click Next.

c.Select the requested file sent from the EEE Server administrator.

d.Select which key to issue.

e.Specify the terminator code for the issued key. It must not be set at 0, as this will prevent the key used by the EEE Server. A value of 1 will allow the key to be distributed within the EEE Server but not issued by any of the EEE Server clients. A value of 2 or more will allow the key to be issued onwards by the EEE Server's clients, assuming the transfer of keys is permitted by their policy settings.

f.Specify the location of the update file and complete the process.

 

 The holder then sends the saved issue file (.DLU) to the EEE Server by email/file transfer.

5.In the EEE Server, import the file by selecting the Organization root, then the Encryption Key tab and by clicking Import Update File. Specify or browse to the location of the update file (.DLU) and click upload. The transferred key will be added to the Encryption Keys database.