Skip to main content

Transferring encryption keys to a new Enterprise Server - Kennisbank / ESET Endpoint Encryption - ESET Tech Center

Transferring encryption keys to a new Enterprise Server

Authors list

The purpose of this article is to guide you through the process of transferring/sharing encryption keys between Enterprise Servers and from a standalone version of DESlock+ to an Enterprise Server.

By doing this, it will eliminate the need to decrypt granular data (files, folders, removable media, virtual disks, archives etc.) which is already encrypted and so making the move to a new Enterprise Server more seamless for the end user.

 

I will firstly explain how to transfer an encryption key to another Enterprise Server. Instructions of how to transfer an encryption key from a standalone version of DESlock+ to a an Enterprise Server areabout half way down this article.

 

Transferring an encryption key to another Enterprise Server

For an encryption key to be copied to a new Enterprise Server, you will need to perform the following steps:

From the new Enterprise Server, click the organisation in the navigation pane and click the 'Encryption Keys' tab.

Click the 'Tools' dropdown list and click the 'Download Key Request' option.

Save the KeyRequest.dlr file to either a USB flash drive or network location.

Copy the KeyRequest.dlr file to the system on which the old Enterprise Server is installed.

 

From the old Enterprise Server, go to the 'Encryption Keys' tab, select the key you want to copy, click the 'Tools' dropdown list and select the 'Issue Encryption Key' option

 

When the user interface appears, click the 'Browse' button, locate the KeyRequest.dlr file and click the 'Next' button

 

Set the option to 'Key can be transferred' and set the Terminator Count to 253 (or whatever the maximum value is) and click the 'Issue' button

You will be prompted to enter your Enterprise Server admin password to confirm that you wish to perform this action, enter the password and click 'OK'

Save the keyname.dlu file to the same location as you saved the .dlr file.

 

From the new Enterprise Server, go to the 'Encryption Keys' tab, click the 'Tools' dropdown list and click the 'Import Key Update' option.

You will be prompted to browse to the keyname.dlu file and then click the 'Upload' button.

The encryption key will now be uploaded to the Enterprise Server and will be displayed in the Encryption Keys window.

 

 

Transferring an encryption key from a standalone version of DESlock+ to an Enterprise Server

For an encryption key to be transferred from a standalone version of DESlock+ to an Enterprise Server, you will need to perform the following steps:

From the Enterprise Server, click the organisation in the navigation pane and click the 'Encryption Keys' tab.

Click the 'Tools' dropdown list and click the 'Download Key Request' option.

Save the KeyRequest.dlr file to either a USB flash drive or network location.

Copy the KeyRequest.dlr file to the system on which the standalone version of DESlock+ is installed.

 

Right click on the DESlock+ shield icon in the notification area and click 'Key Transfer'

The 'DESlock+ Key Transfer Wizard' will appear, select the second option 'Issue a key to another user' and click 'Next'

You will now be asked to browse to the location of the request file which you saved from the Enterprise Server. Select the file and click 'Open' followed by 'Next'

Select the key you wish to transfer, select the relevant key from the list and click 'Next'

You will at this point be asked to set the terminator code limit we recommend setting it to it's highest values (this should be 255), for more information on what this means, please see the article Setting the terminator code limit and what it means. click 'Next'

Navigate to the location where you saved the request file and name the update file appropriately, click 'Save' followed by 'Next' and then 'Finish' on the final window.

From the Enterprise Server, go to the 'Encryption Keys' tab, click the 'Tools' dropdown list and click the 'Import Key Update' option.

You will be prompted to browse to the keyname.dlu file and then click the 'Upload' button.

The encryption key will now be uploaded to the Enterprise Server and will be displayed in the Encryption Keys window.

 

Keywords: Move, Migrate, Copy, Import

Add a comment

Please log in or register to submit a comment.

Need a password reminder?