Create and manage wrapping keys
Wrapping keys are used to safely import key material into the KMS. They are short-lived and must be created using the same protection as the key into which the material is imported. A wrapping key expires after one day.
Prerequisites
Section titled “Prerequisites”- You have a key ring: Create and manage key rings
Create a wrapping key
Section titled “Create a wrapping key”-
On the left bar click on KMS.
-
Navigate to the key ring for which you want to create a key and click on it. Then, on the left bar click on Wrapping keys.
-
On the top bar click on Create Wrapping key.
-
Fill in the needed information:
Wrapping key name
Section titled “Wrapping key name”Enter a key name of your choice. You can’t change it afterwards.
Description
Section titled “Description”Optionally enter a description of your choice.
Purpose and Algorithm
Section titled “Purpose and Algorithm”Specify the intented usage of the wrapping key and a key algorithm. Consult Concepts of wrapping key usages and available algorithms.
Protection
Section titled “Protection”Select how the key is protected. For now only Software is available.
-
Click on Create to finally create your key.
-
Wait for your new wrapping key to reach the Active state.
List and view wrapping keys
Section titled “List and view wrapping keys”- On the left bar click on KMS.
- Navigate to the key ring for which you want to create a wrapping key and click on it. Then, on the left bar click on Wrapping keys.
- You see all your wrapping keys. To get details of a key, click on its entry.
Delete a wrapping key
Section titled “Delete a wrapping key”- On the left bar click on KMS.
- Navigate to the key ring for which you want to create a key and click on it. Then, on the left bar click on Wrapping keys.
- You see all your wrapping keys. Navigate to the key you want to delete, click on the three-dots-menu and select Delete.
- On the new pane enter the name of your key and click on Delete.
- Your key will be deleted immediately.