Black Box EncrypTight ユーザーズマニュアル

Using Enhanced Security Features

270

EncrypTight User Guide

TIP

If you are deploying numerous ETEPs, you can save time by modifying the default configurations for the
ETEP models that you use. For more information about modifying default configurations, see

“Working

with Default Configurations” on page 110

You configure the certificate policies extension for ETKMSs by adding the OIDs to the ETKMS
properties file. The ETKMS properties file

kdist.properties

is located in the

/opt/etkms/conf

directory.

To configure certificate policy extensions for ETKMSs:
1 Log in as root and edit the file

/opt/etkms/conf/kdist.properties

and add or edit the

following lines in the Certificate Configuration section:
certificatePolicy<n>=<OID>
You can add as many lines as you need. Refer to

Table 69

for an explanation of the parameters used.

2 Save and close the file.
3 Restart the ETKMS by typing:

service etkms restart

You can configure the certificate policies extension for EncrypTight in the EncrypTight Preferences.
These changes take effect immediately.

To configure certificate policies extension for the EncrypTight:
1 In EncrypTight, select Edit > Preferences.
2 Click ETEMS to expand the tree and then click Communications (see

Figure 95

3 Click Enable Certificate Policy Extensions.
4 Click in the Certificate Policy Extension OIDs box and type the OIDs you need to use, separating

each with a comma.

5 Click Apply and then click OK.

Table 69

ETKMS Certificate Policies Entries

Parameter

Description

An integer beginning with 1. If you need to add multiple lines, number them

consecutively. You cannot skip numbers.

OID

The OID of the certificate policy, entered as a series of integers separated

by periods. For example:
certificatePolicy1=1.3.5.8
certificatePolicy2=1.3.5.10.64