SafeNet agents send authentication requests to the virtual server. Security sensitive data sent between the server and agents is protected by AES 256 encryption. To encrypt the traffic and to prevent unauthorized agents, the virtual server requires that each agent use an identical encryption key file.

A default encryption key file is automatically created by the virtual server.

The default encryption key files are provided to ease initial setup. For best security practices, it is recommended to replace all default agent encryption key files with newly created ones.

By design, when a new key is created in STA (for the encryption of communication between STA and an authentication agent), the old key becomes invalid.

1. To create an Agent key file, on the STA Token Management console, select Comms > Authentication Processing > Authentication Agent Settings.

   

2. Select Create.

3. Download the newly created key file and use it when prompted during configuration of any SafeNet agent that will authenticate against the virtual server.