Managing authority certificates and recovery certificates in SDMC

Using SDS Enterprise requires the use of encryption and signature keys. In addition, the keys must be certified by trusted certification authorities.

You must have your own infrastructure to generate encryption and signature keys for the users in the company. You can then distribute them to users in whatever method you choose, for example via smart cards.

SDMC makes it possible to declare the certification authorities that issued certificates containing your users' identities and public keys. These authorities are therefore considered trustworthy.

To do so, you must import the certificates from all authorities in the certificate library, then use them in your security policies.

SDMC also makes it possible to import recovery certificates, which are necessary when users lose their encryption keys. For more information, see the section Enabling data recovery.

Certificates are distributed to users via LDAP directories and added automatically to their trusted address book. For more information, refer to the section Managing LDAP directories in SDMC.