Creating an identity key template

Edit online

As an EKMF Web administrator, you need to set up an identity key template for use with zkey on EKMF Web for your organization.

Procedure

To create an identity key template, follow these steps:
  1. Log in to EKMF Web.
  2. Go to Administration in the left navigation bar.
  3. Click Key templates
  4. On the window that opens, click the Create button on the right.
  5. Select the key type Identity from the drop-down menu.
  6. In the Name field, enter the template name.
    The templates names can consist of up to 30 uppercase alphabetic characters, numerals, and hyphens. For example, assuming you want to remember that these identity key templates are for zkey keys, the name can be ZKEY-ID.
  7. In the Key label field, enter the pattern of the key names. In contrast to the name, the label can contain full stops, but no hyphens.
    All keys that are generated with this template have a name that follows this pattern.
    For example, assuming you want the keys to be named similar to the name, remember that it is an elliptic curve key, and have sequential numbering, enter:
    ZKEY.ID.EC.<seqno>
    An example for the first part of a template for an identity key is shown in Figure 1.
    Figure 1. Create new identity key template, part 1

    This graphic is described in the text before it.
  8. Select elliptic curve (ECC) or RAS for the key algorithm.
  9. Select 521 for identity keys to use a prime 521 curve (ECC), or one of the supported RSA key sizes.
  10. For Key state, select Active.
    An example for the second part of a template for an identity key is shown in Figure 2.
    Figure 2. Create new identity key template, part 2

    This graphic is described in the text before it.
  11. Keep Allow key export off.
  12. Optional: Set the key's active period.
    Draft comment: maria1@de.ibm.com
    We might want to add how to do this.
  13. Click Save.