You can modify whether a wrapping key is used as the system default or system
partner wrapping key.
Before you begin
Before you begin, determine the changed information for the wrapping key, such as a
description, or whether you want to make the wrapping key the system default or system partner. If
you use the REST interface, obtain the value of the uuid
for the wrapping
key.
About this task
You can use the
Modify AES Key dialog or the
Modify
Certificate dialog to modify a wrapping key. Alternatively, you can use the following
REST services:
- Certificate Update REST Service to modify the state of certificates, such as
trusted or compromised, and to modify certificate information.
- Device Type Attribute Update REST Service to set the certificate as the
system default or system partner certificate.
Your role must have the permissions to the
modify action and to the appropriate device group.
Procedure
- Using graphical user interface
- Log in to the graphical user interface.
- In the Key and Device Management section on
Welcome page, select 3592.
- Click . Alternatively, right-click 3592 and select
Manage keys and devices.
- On the management page for 3592, select a wrapping key in the wrapping key
table.
- Click Modify.
- Alternatively, right-click or double-click a wrapping key and then select
Modify.
- Modify the wrapping key information.
- Certificate
- On the Modify Certificate dialog, specify whether the certificate is used
as a system default or partner certificate. Then, click Modify
Certificate.
- AES Key
- On the Modify AES Key dialog, specify whether the AES key is used as a
system default or partner AES key. Then, click Modify.
- Using REST interface
- Open the Swagger UI. For more information, see Using Swagger UI.
- Authenticate and authorize to access the REST APIs. For more information, see Authentication process for REST services.
- Go to the Certificate management section.
- Depending on the type of wrapping key you want to modify, use the applicable REST
service.
- Certificate
-
Use the Certificate List REST Service
to
find a certificate. For example, you can send the following HTTP request:
- For example, you can send the following HTTP
request:
GET https://localhost:port/SKLM/rest/v1/certificates?attributes=
state active
Content-Type: application/json
Accept: application/json
Authorization : SKLMAuth userAuthId=37ea1939-1374-4db7-84cd-14e399be2d20
Accept-Language : en
- Use the
Certificate Update REST Service
to update attributes or usage for a certificate.
- For example, you can send the following HTTP request:
-
PUT https://localhost:port/SKLM/rest/v1/certificates
Content-Type: application/json
Accept: application/json
Authorization: SKLMAuth authId=139aeh34567m
{"uuid":"CERTIFICATE-99fc36a-4ab6a0e12343","usage":
"3592","attributes":"information newinformation" }
What to do next
Next, you might use the 3592 Key and Device Management page to associate
wrapping keys with specific devices.