Create a cryptographic module

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:4分

    • Create a cryptographic module to define the mechanisms used for cryptographic operations. After you create the module, you create a cryptographic specification, where you define an algorithm for encryption and generates a key.

    始める前に

    If you're supplying your own keys, go to Configure and upload your customer supplied key.

    Role required: sn_kmf.cryptographic_manager

    このタスクについて

    This procedure describes options that are available with KMF in the ServiceNow platform base system. Field Encryption Enterprise functionality is available only when the com.glide.now.platform.encryption plugin is active. See Activate Field Encryption for more information on obtaining Field Encryption Enterprise. See Create cryptographic module for Field Encryption.

    注:
    Cryptographic module [sys_kmf_crypto_module] records can't be deleted.

    手順

    1. Navigate to All > Key Management > Cryptographic Modules > Create New.
    2. On the form, fill in the fields:
      表 : 1. Cryptographic Module fields
      Field Description
      Module name Alphanumeric string to be referenced when running scripts.
      Crypto spec template Select the Default template to use to create the cryptographic module, as it contains mappings of supported algorithms for crypto specifications.
      Default module access policy value
      • Rely on system default:
      • Reject
      • Track
      Actual module access policy result Reject or track, based on the default policy value or the value selected during the creation of the module access policy.
      Name Crypto module name prepended with application scope name.
      Crypto module life-cycle state Life cycle refers to the creation, use, and deactivation of a cryptographic module. Set to Draft initially during configuration. When using the module, set this field to Published.

      The Default template is automatically set to Published.
    3. Select Submit.
      警告:
      For legacy encryption support users:
      If you're using the non-enterprise version of Field Encryption, you're limited to five modules. If you've exceeded this limit, you receive the following warning:
      This insertion exceeds the number of published modules limit for Field Encryption entitled with the Subscription Product. The Enterprise subscription for Field Encryption is required for additional modules. Please reach out to your Account team.

      After submitting successfully, your cryptographic module is listed in the Cryptographic Modules table. The system prepends the name with the scope to avoid conflict with other scoped applications. For example, if you created a module with the name my_crypto_module in the global application scope, the name is saved as global.my_crypto_module.

    次のタスク

    Create a cryptographic specification

    .