Porovnávané verzie

Stará verzia 14

changes.mady.by.user D2000 Dev Team

Uložené

porovnané s

Nová verzia 15

changes.mady.by.user D2000 Dev Team

Uložené

Kľúč

  • Tento riadok sa pridal
  • Riadok je odstránený.
  • Formátovanie sa zmenilo.

...

Example: #APPDIR#/my.key

Info
titleKey protection

Kotva
key_password
key_password
Note 1: For security reasons, we recommend setting access to the private key so that it is only accessible to the user under which the D2000 KOM process is running (by default Local System on Windows and d2000 on Linux/RPI)

Note 2: The private key can be protected by password encryption. In this case, enter the password for the key in the "Pre shared key" item in the "TLS pre shared key" section.

Note 3: Setting a password for the private key is possible with the OpenSSL utility.

Example of execution: the input is the unprotected key my.key, the output is the password-encrypted key my_protected.key, and the encryption method AES-256 is used.

openssl.exe rsa -aes256 -in my.key -out my_protected.key

The following encryption methods can be used:

ParameterEncryption method
-aes128AES-128-CBC: 128-bit key in CBC mode
-aes192AES-192-CBC: 192-bit key in CBC mode
-aes256AES-256-CBC: 256-bit key in CBC mode
-des33DES (Triple DES)
-aria128ARIA-128: ARIA with a 128-bit key
-aria192ARIA-192: ARIA with a 192-bit key
-aria256ARIA-256: ARIA with a 256-bit key
-camellia128Camellia-128: 128-bit key
-camellia192Camellia-192: 192-bit key
-camellia256Camellia-256: 256-bit key

OpenSSL-3.4 library no longer supports the following encryption types:

ParameterEncryption method
-des-ecbDES-ECB: DES in ECB (Electronic Codebook) mode
-des-cbcDES-CBC: DES in CBC (Cipher Block Chaining) mode
-ideaIDEA
-bfBlowfish
-rc2RC2

If you use diacritics (national characters) in your password, you must set the Windows code page to UTF-8 before using the OpenSSL utility with the command

chcp 65001

since in D2000, the texts are stored in UTF-8 encoding.

...