Upload your customer-supplied key

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:3分

    • Upload your wrapped symmetric data encryption key to your instance to begin using it work encryption.

    始める前に

    Role required: sn_kmf.admin or sn_kmf.cryptographic_manager

    このタスクについて

    注:
    If you don't want to supply your own key, you can use the steps in Configure Field Encryption modules to use a ServiceNow. You cannot revoke a customer supplied key.

    手順

    1. Navigate to All > System Security > Field Encryption > Field Encryption Experience.
    2. Select View module details from the Field Encryption modules overview to open the field encryption module that you've previously created.
      注:
      If you haven't created a field encryption module yet, you can create one using the steps in Configure Field Encryption modules.
    3. In the Cryptographic Specification section, select Manage Specification Settings.
    4. Select the Next button until you reach the Key Origin section.
    5. Verify that the Origin field has a value of Upload customer supplied key.
      If it doesn’t, and you can't choose that value, please refer to steps 3–5 in Configure Customer-supplied keys for Field Encryption Enterprise.
    6. Confirm that you have a value in the Key Alias field.
    7. Select Next.
    8. Select the Upload customer supplied key link.
      This link should appear underneath the Download wrapping key link that you selected as part of wrapping your key.
    9. Select Browse, and select two files:
      1. The wrapped_key_material file
      2. The “import token” file
    10. Select OK.

    タスクの結果

    A confirmation message displays a successful upload of the customer-supplied key. The key is also listed in the Module Keys related list with an Origin of customer-supplied key.

    Now that your encryption key is configured, you can begin to specify which fields and attachments are encrypted. For details, see Configure encrypted field configurations for fields or attachments.