Local Encryption Configuration Parameters
Parameter | Default | Description |
---|---|---|
Symmetric_Key_Cache_Enabled | no | Determines if the symmetric key caching feature is enabled. Only symmetric keys can be cached. Possible settings: • no – Key caching is disabled. Remote encryption (encryption performed on CipherTrust Manager is available as normal). • yes – Key caching is enabled and the NAE XML protocol is used for exporting keys. The Protocol parameter must be set to ssl. • tcp_ok – Key caching is enabled over both tcp and ssl connections. The NAE XML protocol is used for exporting keys. For local mode operations, the key’s authorization policy is not supported. |
Symmetric_Key_Cache_Expiry | 43200 (12 hours) | Determines the minimum amount of time that a key remains in the client key cache. Possible settings: • This is the infinite timeout setting. Keys are never purged from the client cache. • A positive integer – At the end of this interval, the key is purged from the cache the next time the library is called. |
Note
While configuring local mode, make sure the group policy user mapped to a database must have the export permissions on the key.