This documentation supports the 18.08 version of Remedy Action Request System.

To view the latest version, select the version from the Product version menu.

Configuring the public key

BMC Remedy Encryption Performance Security and BMC Remedy Encryption Premium Security use the RSA algorithm for public key cryptography to exchange private keys. This key exchange occurs at the beginning of the API session and when the data encryption keys expire.

If the server's security policy is changed while a client is running, the client connections using the old policy automatically perform a key exchange to create keys that correspond to the new policy.

To configure the cryptograhic algorithm and size of the public key

  1. Log on to the appropriate BMC Remedy AR System server.
  2. Open the AR System Administration Console.
  3. Click System > General > Server Information.
  4. In the AR System Administration: Server Information form, click the Encryption tab.
  5. In the New Encryption Settings: Public Key Details area, select one of these data encryption algorithm options:



    Server configuration file setting

    RSA 512

    512-bit RSA key. Default for standard security.

    Encrypt-Public-Key-Algorithm: 4

    RSA 1024

    1024-bit RSA key. Default for BMC Remedy Encryption Performance Security.

    Encrypt-Public-Key-Algorithm: 5

    RSA 2048

    2048-bit RSA key. Default for BMC Remedy Encryption Premium Security.

    Encrypt-Public-Key-Algorithm: 6


    The available algorithms depend on the type of encryption installed and the setting of the FIPS Enabled option.

  6. (Optional) In the Key Expire Interval field, specify a different life span for the key in seconds.
    The default is 86400 seconds (24 hours). At the end of the specified time, the key expires, and the server generates a new key.


    Generating keys more frequently provides higher security at some marginal impact to performance.

    In the AR System server configuration file, this setting is specified as follows:
    *Encrypt-Public-Key-Expire: 86400*
  7. Click Apply.
  8. Restart the server.
  9. Relog on to any clients that are connected to the server.
Was this page helpful? Yes No Submitting... Thank you