Types of accounts

The following table lists the types of accounts available in SDS Enterprise:



Password account with a single key to sign and encrypt.


Password account with two different keys to sign and encrypt.


Card account with a single key to sign and encrypt.


Card account with two different keys to sign and encrypt.


The following table details the content for each section based on the account type XXX

Parameter KS GP Description
Pkcs12Import # #

The new account’s key (or keys) can be imported from a PKCS#12 file.

  • 0: No (default),
  • 1: Yes.
InternalKeys   #

In smart card or USB token mode (GP1 or GP2), keys are extracted:

  • 0 = by SDS Enterprise, in memory
  • 1 = by the card (default)

When keys are generated via smart card, they may be created by the smart card itself, or in memory, depending on the vendor’s implementation or the configuration of the key's PKCS#11 layer.

UsrPwdCharSet #  

Syntax: abc where “abc” are 3 uppercase hex digits (0->F), indicating the minimum number of characters in a password:

  • a: number of alphabetical characters,
  • b: number of numeric characters,
  • c: number of other characters.

Default value: 000.

UsrPwdMinLen #  

Minimum length for a password (decimal). The value must be between 0 (default) and 64. If the value entered is greater than 64, the maximum value (64) is used.

KeepCardObjects   #

Do not destroy non-reused objects check box:

  • 00 : check box unchecked and grayed out (default),
  • 01: box unchecked and accessible,
  • 10: box checked and uneditable,
  • 11: box checked and accessible.
ExportKeys   #

If a key was not extracted by the smart card or token (if <InternalKeys> = 0), SDS Enterprise may display a window offering to save this key in a PKCS#12 file (to save it) or to copy it in the user's keystore (to be used later).

  • 0 : page not displayed (default),
  • 1 : displayed.
NoExtractableK # #

At the time of creation, indicates whether the private keys are marked as not being able to be exported:

  • From the keystore for KS1 and KS2 modes,
  • From the smart card in GP1 and GP2 modes.

Allowed values are:

  • 0: No (default for KS1 and KS2 modes),
  • 1: Yes (default for GP1 and GP2 modes).
DisableCreateSelf # #

Prohibits a self-certified key from being used, whether for creating an account or for renewing a key.

  • 0: Authorizes the extraction of a self-certified key (default),
  • 1: Prohibits the use of a self-certified key.

For [SBox.KeyRenewalWizardGP]

Forces key renewal in smart card or token mode from the keys found in the card.