Import Protegrity Key (IMPPTGKEY)

The IMPPTGKEY command allows authorized users to import Symmetric Keys that were generated by the Protegrity Defiance Enterprise Security Administrator (ESA).  ESA is a separate licensed solution that allows for enterprise key management, which can be used to centrally manage keys and then serve those keys to multiple platforms (e.g. DB2, Oracle, SQL Server, etc.).  See www.Protegrity.com to learn more about their ESA solution.     

                            

The following users can use the IMPPTGKEY command:

• QSECOFR user profile (unless excluded in the Key Officer settings)
• A user profile with *SECADM authority (unless excluded in the Key Officer settings)
• A Key Officer that has a *YES specified for the “Maintain DEKs” authority setting

The user must have *CHANGE authority to the Key Store Validation List (*VLDL) object into which the Key(s) will be imported and *USE authority to the library that contains the Key Store.

How to Get There

From the Symmetric Encryption Key Menu, choose option 20.

Options

KEK key label (KEYLABEL)

Indicate the label of the Key Encryption Key (KEK) to use to decrypt Protegrity's Symmetric Keys that will be imported.

KEK key store name (KKEYSTR)

Indicate the object name and library of the Key Store which contains the Key Encryption Key (KEK).

The possible values are:

The possible library values are:

Key store name (KEYSTR)

Indicate the object name and library of the Key Store to store the imported Protegrity Symmetric Keys.

The possible values are:

The possible library values are:

XML File (XMLFILE)

Indicate the name and location (absolute path) of the XML file which contains the Protegrity Keys to import.

For instance: '/ABCcompany/Protegrity/Keys.xml'

The value for the XML file path can be up to 512 characters in length. The initial parameter size is 132, but can be expanded by placing an & in the first position.