Creating password accounts manually
When creating an SDS Enterprise Password account, there are two ways to allocate encryption and signature keys to the user:
- Generating the encryption and/or signature keys locally in SDS Enterprise,
- Importing a key that was saved earlier in a file in the PKCS#12 format (P12 or PFX extension).
The methods for managing keys as well as the types of keys available depend on the configuration of the security policy in SDMC.
If you are creating an account with two keys, you can use either method to create each key.
Generated keys will be used to secure files and e-mails, for example. These keys are self-certified, so that SDS Enterprise can use them immediately. However, they will not be automatically trusted by peers but can be certified later by a certification authority.
If you use two different keys, one for the encryption and the other for the signature, run the following procedure twice. It describes how to create an encryption key.
To generate a key:
- On the user workstation, right-click on the SDS Enterprise icon in the Windows system tray.
- Select New user.
- Select Account with password.
- Click on Create your account.
- Enter a login and password. You will be asked to enter them to connect to SDS Enterprise.
- Click on Next.
- Select Generate your encryption key and select the key type.
- Click on Next.
- In the next window, generate a key from random numbers by moving the mouse or typing on the keyboard.
Once the capture is complete, click on Next.
- Enter the details that make up the user's identity, as you want them to appear on the self-certified certificate.
- Click on Next.
- Set a backup password, which you will be asked to provide if you forget the main password or if users are locked out of their accounts when they consecutively enter the wrong code too many times. For more information, please refer to the section Unblocking user accounts.
Click on Next.
- Check the account summary.
- Click on Finish.
SDS Enterprise will generate the keys and create the account.
The account includes a personal self-certified certificate. Since the certificate was created by the user, it may not be trusted by some peers, who only trust certificates created by known authorities. We recommend using certified keys issued from a PKI (Public Key Infrastructure).
This section explains how to create an account by retrieving keys and certificates saved in the PKCS#12 format (P12 or PFX extension).
This feature makes it possible to use a previously generated key and its associated certificate, or a key generated centrally by a PKI. This feature also makes it possible to save private keys that can be used for recovery operations.
The actions described below apply to both the encryption key and the signature key.
- On the user workstation, right-click on the SDS Enterprise icon in the Windows system tray.
- Select New user.
- Select Account with password.
- Click on Create your account.
- Enter a login and password. You will be asked to enter them to connect to SDS Enterprise.
- Click on Next.
- Select Import your personal key and:
- select the file in the PKCS#12 format with the P12 or PFX extension,
- enter the password that protects the key stored in this file.
- Click on Next.
If the file contains several keys or certificates, select the key to be imported and the certificate associated with this key.
- Click on Next.
- Set a backup password, which you will be asked to provide if you forget the main password or if users are locked out of their accounts when they consecutively enter the wrong code too many times (three times by default). For more information, please refer to the section Unblocking user accounts.
Click on Next.
- Check the account summary.
- Click on Finish.
SDS Enterprise will import the key and create the account.
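When a PKCS#12 file contains several keys or certificates, it helps to list its contents before starting the import so that you know which entry to select. The following PowerShell script is an added example, not part of SDS Enterprise or its documentation; it relies only on standard .NET certificate classes, and the script parameter name `Path` is an assumption of this example.

```powershell
# Added example (not SDS Enterprise code): list the contents of a PKCS#12
# file so the right key/certificate pair can be selected during import.
param(
    [Parameter(Mandatory)]
    [string]$Path   # .p12 or .pfx file to inspect (supplied by the caller)
)
$ErrorActionPreference = 'Stop'   # stop on a wrong password or unreadable file

$Collection  = [System.Security.Cryptography.X509Certificates.X509Certificate2Collection]
$KeyUsageExt = [System.Security.Cryptography.X509Certificates.X509KeyUsageExtension]
# EphemeralKeySet keeps private keys in memory only; nothing is written to the
# Windows key store. It requires .NET Framework 4.7.2 or later (or PowerShell 7).
$flags = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::EphemeralKeySet

# Ask for the password that protects the file, without echoing it.
$secure = Read-Host -Prompt 'PKCS#12 password' -AsSecureString
$plain  = [System.Net.NetworkCredential]::new('', $secure).Password

$certs = $Collection::new()
$certs.Import((Resolve-Path -LiteralPath $Path).ProviderPath, $plain, $flags)
$plain = $null

$now = Get-Date
$report = foreach ($cert in $certs) {
    # The key usage extension distinguishes signature certificates
    # (DigitalSignature, NonRepudiation) from encryption certificates
    # (KeyEncipherment, DataEncipherment).
    $ku = $cert.Extensions | Where-Object { $_ -is $KeyUsageExt } | Select-Object -First 1
    [pscustomobject]@{
        Subject       = $cert.Subject
        Issuer        = $cert.Issuer
        # Only entries with a private key can serve as the user's personal key.
        HasPrivateKey = $cert.HasPrivateKey
        # Heuristic: identical subject and issuer usually means self-certified.
        SelfIssued    = ($cert.Subject -eq $cert.Issuer)
        KeyUsage      = if ($ku) { $ku.KeyUsages.ToString() } else { '(no key usage extension)' }
        NotBefore     = $cert.NotBefore
        NotAfter      = $cert.NotAfter
        ValidNow      = ($cert.NotBefore -le $now -and $cert.NotAfter -ge $now)
        Thumbprint    = $cert.Thumbprint
    }
}

# Entries that hold a private key are listed first.
$report | Sort-Object HasPrivateKey -Descending | Format-List

# Release the in-memory key handles.
foreach ($cert in $certs) { $cert.Reset() }
```

Entries with `HasPrivateKey : True` are the candidates for Import your personal key; the other entries are typically the issuing authority's certificates.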