Error: Invalid spaceKey on retrieving a related space config.

Configuring the data key

The data key processes data sent between a server and its clients after the initial connection is established.

To configure the cryptograhic algorithm and size of the data key

  1. Log on to the appropriate BMC Remedy AR System server.
  2. Open the AR System Administration Console.
  3. Click System > General > Server Information.
  4. In the AR System Administration: Server Information form, click the Encryption tab.
  5. In the New Encryption Settings: Data Key Details area, select one of these data encryption algorithm options:

    Option

    Description

    Centralized configuration settings

    DES

    56-bit Data Encryption Standard (DES) using Cipher Block Chaining (CBC) mode.

    Encrypt-Data-Encryption-Algorithm: 1

    RC4-128

    128-bit RC4 key.
    Available for Performance Security that does not comply with FIPS.

    Encrypt-Data-Encryption-Algorithm: 2

    RC4-256

    256-bit RC4 key.
    Available for Premium Security that does not comply with FIPS.

    Encrypt-Data-Encryption-Algorithm: 3

    AES-128

    128-bit AES CBC key.
    Required for Performance Security that complies with FIPS,
    but can be used by servers that do not comply with FIPS. 
     
    For more FIPS information, see FIPS encryption options in BMC Remedy ITSM Deployment documentation.

    FIPS noncompliant:

    Encrypt-Data-Encryption-Algorithm: 6



    FIPS compliant:

    Encrypt-Data-Encryption-Algorithm: 8

    AES-256

    256-bit AES CBC key.
    Required for Premium Security that complies with FIPS,
    but can be used by servers that do not comply with FIPS.

    For more FIPS information, see FIPS encryption options in BMC Remedy ITSM Deployment documentation.

    FIPS noncompliant:

    Encrypt-Data-Encryption-Algorithm: 7



    FIPS compliant:

    Encrypt-Data-Encryption-Algorithm: 9

    Note

    The available algorithms depend on the type of encryption installed and the setting of the FIPS Enabled option.

  6. (Optional) In the Key Expire Interval field, specify a different life span for the key in seconds.
    The default is 2700 seconds (45 minutes). At the end of the specified time, the key expires, and a new key exchange occurs.

    Note

    Generating keys more frequently provides higher security at some marginal impact to performance.

    In the AR System server configuration file, this setting is specified as follows:

    Encrypt-Symmetric-Data-Key-Expire: 2700
  7. Click Apply.
  8. Restart the server.
  9. Relog on to any clients that are connected to the server.
Was this page helpful? Yes No Submitting... Thank you

Comments