Optional: Preparing for external key management
The Security administrator must perform certain configurations to enable external key management for your FileNetĀ® P8 system. This configuration is optional and does not apply if you do not plan to use external key management in your environment.
About this task
You can centralize key management for your FileNet P8 environment as a service that is external to Content Platform Engine. This choice moves the management of encryption keys to the centralized key management service of your choice, under your control, for improved security and privacy protection. This centralized, external option can replace the default method- native key management in Content Platform Engine.
The external key management implementation relies on either a Key Management Interoperability Protocol (KMIP) or a Key Protect key management service. If it does not already exist, you configure this service in your environment as part of the preparation for your installation or upgrade. Then, you specify the server or service for key management as part of the domain creation wizard in the Administration Console for Content Platform Engine.
You can update P8 domains to move from internal key management by Content Platform Engine to external key management with a supported service.