Product Documentation

The values specified in the Preferences panel prevent the DA repeatedly typing values on every connection to SAKA.

The Preferences panel is made visible by clicking Preferences → Set Preferences from the menu, or by clicking the Preferences icon on the Main Panel.

The Preferences panel is shown in the figure below. A table follows explaining the fields on the panel.

Default Cryptographic Module

This radio button tells DACTool which cryptographic hardware module is used on the appliance. This is necessary for DACTool to use the appropriate cryptographic algorithms when digitally signing the authorization nonce (number used once) for verification by the appliance before executing the command.

The two choices for this field are:

  • TPM (Trusted Platform Module)

  • HSM (Hardware Security Module)

 

Select the option that matches the cryptographic hardware module on your SAKA server. Most sites will choose TPM as this is the default cryptographic module on most SAKA installations.

Default Domain Identifier (DID)

The unique numeric identifier of the default encryption domain to which the DA will connect when using the DACTool. Most sites will use the numeral 1 as this will be the first encryption domain on most SAKA installations.

Default Username

The username of the DA within the encryption domain to which they will connect. Since the first DA within any domain is administrator1, this is suggested as the default. However, subsequent administrators who have been assigned a unique username should type it here.

Default Keystore Location

Each DA administering an encryption domain is required to have a unique digital certificate issued out from SAKA. The digital certificate is associated with a pair of cryptographic keys stored within a BouncyCastle FIPS Keystore (BCFKS) file called a keystore. The keystore is typically generated and stored on the Yellow USB flash drive, to be removed from the machine when not in use.

Using the Browse.. button, select the actual location of your keystore where your cryptographic keys and digital certificate are stored.

Default SAKA URL

While DACTool can be used to manage many SAKA servers, with only a few exceptions, DAs need only connect to one SAKA server when administering it. This field allows you to specify the URL of the SAKA server within your infrastructure.

The URL must always use the HTTPS protocol and specify the fully qualified domain name (FQDN) of the SAKA server. It must also specify the port number on which the SAKA application is listening at that host. The default port number is 8181.

SAKA Administration URLs

This text area allows for multiple URLs of many SAKA servers. When connecting to SAKA through the Systems panel, all URLs configured in this field become visible there.

Type in the URLs of the various SAKA servers in your clustered environment. Only one appliance's URLs need be typed in here since most configuration changes made through DACTool on the Primary appliance are replicated to all other appliances in the cluster.

After the appropriate values are entered in the Preferences panel, click the Save button. This creates a hidden directory in your home directory called .strongkeyliteDAConsole which contains a file called appProperties. Preferences are stored in this file.

To delete all preferences, delete the entire .strongkeyliteDAConsole (notice the period in front of the directory name) subdirectory and its contents. A new subdirectory and files are always created when DACTool is run.

Clicking the Reset button on this panel resets the values to the original values when you came to this panel. If you have saved any preference values, the saved values now become your original values.

Clicking Cancel returns DACTool to the Main Panel without making any changes to any Preferences. If any preference values were saved while on this screen, clicking Cancel will not revert your Preferences to the original values.