Enable the DUS and EWV multi-usage combinations for asymmetric keys

2min

For this step, you must log in with an identity that has a role with the Security:Key Settings permission. You can use the default Administrator role and Admin identities.
The EJBCA application requires asymmetric keys with multiple usages, which you can configure, but the  does not enable this by default.
You must enable the following multi-usage combination for all users, including anonymous users, due to how the EJBCA application creates the keys on the HSM:
EDSVWU (Encrypt, Decrypt, Sign, Verify, Wrap, Unwrap)
Choose one of the following methods to enable EDSVWU:
Excrypt Manager
FXCLI
1
Go to the Extended Options menu.
2
Select Asymmetric Authorize in the Usage drop-down menu, and select [ Add ].
3
Select the EDSVWU usage combination and select [ OK ]. 
4
Now, select Asymmetric Anonymous in the Usage drop-down menu and enable the EDSVWU multi-usage combination.
5
Select [ Save ] in the lower-right corner to save the changes.
1
Run the following FXCLI commands to add the DUS and EWV multi-usage combinations for asymmetric keys for all users:
FXCLI
multi-usage add --asymmetric --auth -e -d -s -v -w -u
multi-usage add --asymmetric --auth -e -d -s -v -w -u
﻿
FXCLI
multi-usage add --asymmetric --anon -e -d -s -v -w -u
multi-usage add --asymmetric --anon -e -d -s -v -w -u
﻿
﻿
﻿

Updated 14 Nov 2024

Did this page help you?

Configure TLS authentication

Edit the Futurex PKCS #11 configuration file