Skip to main content
Perform the following tasks to generate an RSA key pair on the KMES Series 3:
You must generate the Bitwarden key pair under a root CA certificate to give it the encrypt and decrypt security usage it requires.

Create X.509 certificate container

Perform the following steps to create X.509 certificate container and root CA:
1
Go to PKI > Certificate Authorities.
2
Select [ Add CA ].
3
In the X.509 Certificate Container creation dialog, configure the following settings:
  • Name: Bitwarden
  • Host: None
  • Type: X.509
  • Owner group: Select the Bitwarden role
4
Right-click the Bitwarden X.509 certificate container and select Add Certificate > New Certificate.
5
Configure the following Subject DN settings:
  • Preset: Classic
  • Common Name: Root
6
Configure the following Basic Info settings:
  • Leave set the default values.
7
Configure the following V3 Extensions settings:
  • Profile: Certificate Authority
8
Select [ OK ].

Generate Bitwarden key pair

Perform the following steps to generate Bitwarden key pair:
1
Right-click the Root CA certificate and select Add Certificate > New Certificate.
2
Configure the following Subject DN settings:
  • Preset: Classic
  • Common Name: Bitwarden
3
Configure the following Basic Info settings:
  • Security Usage: Encrypt/Decrypt
  • Leave all other fields set to the default values.
4
Configure the following V3 Extensions settings:
  • Profile: TLS Client Certificate
5
Select [ OK ].

Export Bitwarden certificate

Perform the following steps to export Bitwarden certificate:
1
Right-click the Bitwarden certificate and select Export > Certificate(s).
2
Change Encoding to PEM and select [ Browse ].
3
Specify a filename for web transfer (such as Bitwarden-Cert.pem) and select [ OK ].
4
Select [ OK ] to initiate the export.
5
Save the certificate file when your browser prompts you.

Assign a name to the key

Perform the following steps to assign a name to the private key:
1
Go to Key Management > Keys.
2
Select [ Reload ].
3
Right-click the Bitwarden key pair in the Keys section and select Edit.
4
Under Key Settings, enter Bitwarden in the Name field and select [ OK ] to save.

Grant Use permission

Perform the following steps to grant Use permission on the private key:
1
Go to Administrative Services > Key Management > Key Database.
2
Right-click the Bitwarden key pair and select Permission.
3
Select the Bitwarden role in the drop-down menu and select [ Add ].
4
Select the Permission drop-down option next to the Bitwarden role and select Use.
5
Select [ Save ].