Understanding “Internal PKI” mode

"Internal PKI" mode has the following features:

• Users log in to the portal with their email address and a specific password,

• First-time key generation and use are transparent to users,

• The keys enable them to encrypt and decrypt documents for themselves or for other users of the same tenant,

• As the encryption keys are stored by the portal, users can use it from any device, browser or network,

• Tenant users can share encrypted documents with external users, i.e. those outside their tenant, using keys generated on the fly. These keys are also stored by the portal.

Each user member of a tenant must have an account on the portal. For more information, see Create user accounts.

The first time each user logs on to the portal, their private and public encryption keys are automatically generated and stored in the portal database.

The keys are then used for encryption and decryption operations performed on the portal by users.

Users can also encrypt for external recipients, i.e. those belonging to a tenant other than their own or to no tenant at all, thanks to a system of on-the-fly generation of specific public keys.

To use in SDS Encryption Portal “Internal PKI” mode, see the following sections:

• Creating the security administrator account

• Create user accounts

• Logging in to SDS Encryption Portal

• Protecting a file

• Reading protected files