EJBCA

Generate a private key and a certificate.

openssl ecparam -genkey -name prime256v1 -noout -out key.pem
openssl req -new -x509 -key key.pem -out certificate.pem -days 7300 -subj "/CN=Database Protection"

Put the private key and the certificate in a PKCS#12 file. OpenSSL will ask you for a password that will be used to encrypt the keystore. Make a note of this password, as you will need it later.
```
openssl pkcs12 -export -inkey key.pem -in certificate.pem -out bag.p12 -name dbProtect
```
Print the base64 encoded PKCS#12 file.
```
cat bag.p12 | base64 | tr -d '\012'
```

Put the following configuration in databaseprotection.properties.

conf/databaseprotection.properties

databaseprotection.keyid.1 = 234
databaseprotection.keylabel.1 = dbProtect
databaseprotection.classname.1 = org.cesecore.keys.token.SoftCryptoToken
databaseprotection.data.1 = <the base64 encoded bag.p12 goes here>
databaseprotection.tokenpin.1 = <the password for bag.p12>
databaseprotection.version.1 = 1

Generic Questions

Articles

Downloads

SigningCloud

Centagate

EJBCA – How to Configure Database Protection using HMAC

What are your Feelings

Subscribe to our newsletter so that you don't miss the latest news and highlights from Securemetric!

Our Expertise

Company

Investor Relations

News & Events

What are your Feelings

Share This Article :

Subscribe to our newsletter so that you don't miss the latest news and highlights from Securemetric!

Our Expertise

Company

Investor Relations

News & Events

Please Login

Registration

Forgotten Password?