Setting up key templates

As an EKMF Web administrator, you need to set up key templates for use with zkey on EKMF Web for your organization, and register those templates with zkey.

About this task

A one-time setup is needed for key templates. The templates can then be used by any number of systems with zkey for key management.

You must define four key templates for zkey on EKMF Web:

non-XTS - For volume encryption with an AES key in CBC mode.
XTS part 1 - For volume encryption with AES in XTS mode, first part of an XTS key
XTS part 2 - For volume encryption with AES in XTS mode, second part of an XTS key
Identity key - Identifies the zkey system. This type of key is used for verifying the identity of zkey to EKMF Web.

By creating your own templates, you can decide on naming schemes and key properties such as the size of the key. For each template, define the algorithm, the size, the type, the state, and allow the key to be exported.