Configuring external key management

You can update an existing domain to use an external key management service to manage the encryption key for the domain. Set up the external key manager before you update the domain configuration.

Before you begin

If you have not already done so, complete the preparation steps to configure an external key management system for your environment:

About this task

You can change the key management configuration for your domain from internally managed to externally managed.

If a domain is already configured for external key management, you cannot change the configuration back to internal key management in Content Platform Engine, or change the external service type. However, you can update configuration settings for your external key management service, if needed.

Procedure

To configure external key management for an existing domain:

  1. Open the domain in the Administration Console for Content Platform Engine.
  2. Click the Key Management tab.
  3. From the Key service type drop-down, choose the key management service that you want to use.
  4. Complete the panel with the required configuration values for your service, and save your changes.
    Tip: You can also use the Key Management tab to update values for your key management service as needed.