Modifying a wrapping key

You can modify whether a wrapping key is used as the system default or system partner wrapping key.

Before you begin

Before you begin, determine the changed information for the wrapping key, such as a description, or whether you want to make the wrapping key the system default or system partner. If you use the REST interface, obtain the value of the uuid for the wrapping key.

About this task

You can use the Modify AES Key dialog or the Modify Certificate dialog to modify a wrapping key. Alternatively, you can use the following REST services:
  • Certificate Update REST Service to modify the state of certificates, such as trusted or compromised, and to modify certificate information.
  • Device Type Attribute Update REST Service to set the certificate as the system default or system partner certificate.
Your role must have the permissions to the modify action and to the appropriate device group.

Procedure

  • Using graphical user interface
    1. Log in to the graphical user interface.
    2. In the Key and Device Management section on Welcome page, select 3592.
    3. Click Go to > Manage keys and devices. Alternatively, right-click 3592 and select Manage keys and devices.
    4. On the management page for 3592, select a wrapping key in the wrapping key table.
    5. Click Modify.
    6. Alternatively, right-click or double-click a wrapping key and then select Modify.
    7. Modify the wrapping key information.
      Certificate
      On the Modify Certificate dialog, specify whether the certificate is used as a system default or partner certificate. Then, click Modify Certificate.
      AES Key
      On the Modify AES Key dialog, specify whether the AES key is used as a system default or partner AES key. Then, click Modify.
  • Using REST interface
    1. Open the Swagger UI. For more information, see Using Swagger UI.
    2. Authenticate and authorize to access the REST APIs. For more information, see Authentication process for REST services.
    3. Go to the Certificate management section.
    4. Depending on the type of wrapping key you want to modify, use the applicable REST service.
      Certificate

      Use the Certificate List REST Service to find a certificate. For example, you can send the following HTTP request:

      For example, you can send the following HTTP request:
      GET https://localhost:port/SKLM/rest/v1/certificates?attributes=
      state active 
      Content-Type: application/json 
      Accept: application/json 
      Authorization : SKLMAuth userAuthId=37ea1939-1374-4db7-84cd-14e399be2d20 
      Accept-Language : en
      Use the Certificate Update REST Service to update attributes or usage for a certificate.
      For example, you can send the following HTTP request:
      PUT https://localhost:port/SKLM/rest/v1/certificates
      Content-Type: application/json
      Accept: application/json
      Authorization: SKLMAuth authId=139aeh34567m
      {"uuid":"CERTIFICATE-99fc36a-4ab6a0e12343","usage":
      "3592","attributes":"information newinformation" }

What to do next

Next, you might use the 3592 Key and Device Management page to associate wrapping keys with specific devices.