Manualshelf

Specifications

ManualsBrandsCisco ManualsComputer equipmentEngine 611
71727374757677787980
3-27
Cisco Wide Area Application Services Command Reference
OL-16451-01
Chapter 3 CLI Commands
cms secure-store
cms secure-store
To configure secure store encryption, use the cms secure-store EXEC commands.
cms secure-store {init | open | change | clear}
Syntax Description
Defaults The standard encryption and key management is the default.
Command Modes EXEC
Device Modes application-accelerator
central-manager
Usage Guidelines Secure store encryption provides stronger encryption and key management for your WAAS system. The
WAAS Central Manager and WAE devices use secure store encryption for handling passwords,
managing encryption keys, and for data encryption.
When you use the cms secure-store EXEC command to enable secure store on the Central Manager, or
a WAE device, the WAAS system uses strong encryption algorithms and key management policies to
protect certain data on the system. This data includes encryption keys used by applications in the WAAS
system, CIFS passwords, and user login passwords.
When you enable secure store on Central Manager, the data is encrypted using a key encryption key
generated from the pass phrase you enter with SHA-1 hashing and an AES 256-bit algorithm. When you
enable secure store on a WAE device, the data is encrypted using a 256-bit key encryption key generated
by SecureRandom, a cryptographically strong pseudorandom number. You must enter a password to
enable secure store. When you reboot the Central Manager, you must manually restart secure store using
the cms secure-store open command.
init Initializes secure store encryption on the WAAS device. Secure store
encryption is not active until you execute the cms secure-store open
command.
On the Central Manager, this command prompts you to enter the secure
store encryption pass phrase.
open Activates secure store encryption (the WAAS device encrypts the stored
data using secure store encryption). Secure store encryption must
already be initialized using the cms secure-store init command.
On the Central Manager, this command prompts you to enter the secure
store encryption pass phrase.
change Changes the secure store encryption pass phrase and encryption key. On
the Central Manager this command prompts you to enter and confirm the
new pass phrase. The WAAS device uses the pass phrase to generate the
encryption key for secure disk encryption.
clear Disables secure store encryption.