Key Management Function

This function allows you to centrally manage the key metadata that is required for SSL communication. Users can use key metadata that they have created and registered as well as key metadata that is registered by services such as the load distribution service.

Managing Key Metadata

Register and manage key metadata that was created in PEM format by a user.

Table 1. Registering Key Metadata (List of Items That Can Be Set)
Item Description
Key Metadata Name Specify the name of the key metadata
Encryption Algorithm Specify the encryption algorithm for the key metadata to be registered
Mode Specify the mode of the algorithm associated with confidential information
Key Length Specify a key length that is a multiple of 8 to be used for encryption
Retention Period

When the specified retention period is exceeded, the registered key metadata will be deleted automatically. If this setting is omitted, no limit is set on use of the key metadata

Tip: Specify a future date and time in the following format: "YYYY-MM-DDThh:mm:ss.SSSSSS"
Confidential Information

Specify confidential information to be registered

Important: This information must be enclosed between "-----BEGIN XXXX-----" and "-----END XXXX-----."
Note: No check is performed to determine if the specified confidential information is in PEM format. Be sure to check in advance if the format is correct.
Content Type for Confidential Information

Specify the content type to be used when viewing confidential information

  • text/plain
  • application/octetstream
Note: When confidential information is specified, this item becomes necessary.
Encoding Format for Confidential Information

Specify an encoding format (base64)

Note: If you specified "text/plain" as the content type for confidential information, you cannot configure this setting.

PEM format refers to the following type of text data:

-----BEGIN CERTIFICATE----- 
MIIE+TCCA+GgAwIBAgIQU306HIX4KsioTW1s2A2krTANBgkqhkiG9w0BAQUFADCBtTELMAkGA1UEBh 
MCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL........ 
NM856xjqhJCPxYzk9buuCl1B4Kzu0CTbexz/iEgYV+DiuTxcfA4uhwMDSe0nynbn1qiwRk450mCOnq 
H4ly4P4lXo02t4A/DI1I8ZNct/Qfl69a2Lf6vc9rF7BELT0e5YR7CKx7fc5xRaeQdyGj/dJevm9BF/mSdnclS5vas=
-----END CERTIFICATE-----

Managing Certificate Information

Manage the following key metadata required for SSL communication as a single set of certificate information:

  • SSL Certificate
  • CA Certificate (including information for intermediate certification authorities)
  • Private Key
  • DH (Diffie Hellman) Key