Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]

Changing the Master Password

All Certifier software private keys are stored in encrypted format in the internal database. Also the PIN codes of the hardware security modules, if being used, are encrypted in the Database. Every Certifier installation has a master password, which is used to protect these objects. If the master password is lost, the whole PKI system may become inoperational, since the CA and RA software private keys (as well as other encrypted information) cannot be accessed any more. Therefore it is critical to be extremely careful when changing this password!

After a new SSH Tectia Certifier installation, the password equals an empty string. This means that if encryption needs to be taken into use, one of the first steps is to enter the master password on the Change Master Password page.

Figure : The Change Master Password page

When the password is given for the first time, the current password field can be left empty. The new password needs to be given in the Enter new password field and confirmed again in the Same again field. Click the Commit button to take the new password in use, or Cancel to abort the operation.

After the master password has been taken in use, it has to be given to SSH Tectia Certifier every time the Engine is restarted - otherwise signature operations will not be possible.

There are two ways to pass the master password to the Engine. The master password can be specified on the command line when the Engine is started, or it can be provided in the Administration Service by an administrator. After operator login, the master password field is prompted and the operator can type in the master password.

See Section Starting SSH Tectia Certifier in Unix.

PreviousNextUp[Front page] [Index]


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more