Configure key lifecycle states

  • Release version: Yokohama
  • Updated January 30, 2025
  • 1 minute to read

    • After you have created a cryptographic specification, you can configure the lifecycle actions for the keys in your instance.

    Before you begin

    Role required: sn_kmf.admin

    Procedure

    1. Navigate to Key Management > Cryptographic Modules > All.
    2. Select the cryptographic module to configure the lifecycle of a key.
    3. Select a key alias on the Crypto Specifications tab.
      Shows how to select a key from the lifecycle definition.
    4. Select Next.
      The Field Lifecycle Template loads. Default Key Lifecycle values are created based on the selected algorithms for the defined cryptographic specification.
    5. Select a Key Lifecycle from the Applies to column on the Lifecycle Definition step for the crypto specification.
      Table 1. Key Lifecycle fields
      Field Description
      Applies to Selected key that the lifecycle applies to.
      For field Select the type of control for the key that the lifecycle applies to.
      Figure 1. Key lifecycle management "For field" values
      Shows the values in the "For field."
      Type Select if the valuation for the key lifecycle is a relative value or an absolute value:
      • Relative: Enter a value that depends on other data entries in the system, such as key generation, activation, and deactivation.
      • Absolute: Enter an exact value, such as a date.
      Lifecycle default Read only. Displays a value if set.
      Order Enter the sequence in which to process the key lifecycle state for the crypto specification.
      Relative duration type Duration of the lifecycle: Years, Months, or Days.
      Relative duration Number of years, months, or days the key is valid.
      Relative operation Beforeor After.
      Relative to Field the duration is relative to. Displays if a relative duration or operation is selected.
      Shows the values of the "Relative to" list.