The Key Archiving and Recovery Factory (KARF) is the component of the Certificate Factory (CF) within
...
Smart ID Certificate Manager (CM) responsible for the initial processing of certificate requests where the associated token procedure specifies that key archiving or key recovery actions should be taken.
The configuration of the KAR component is described in kar.conf. KAR related configuration also exists in cm.conf and modules.conf. See the Technical Description for more details.
Note |
---|
Keys are referred to by their label in kar.conf. If you use an RSA key pair for key archiving, use the label of the public key. To look up the label of a key, use the |
Expand | ||
---|---|---|
| ||
Each asymmetric key-encryption key (KEK) must have a valid certificate, to ensure that the public key part is intact when using it during key archiving. When using an HSM to store the key encryption key, do the following to issue a certificate for either a new or an existing KEK:
|
...
Related information
...