000027590 - RKM lockbox system and attended modes

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000027590
Applies ToRSA Key Manager Client
RSA Key Manager Server
IssueRKM lockbox system and attended modes
Difference between lockbox in system mode vs attended mode

1.  "System mode" means that the lockbox can be opened with SVs or the password.  The RKM client and server use the lockbox in system mode.  The client does this after the lockbox has been created by setting client.lockbox=true and providing a lockbox password in client.lockbox_admin_password.  The only other time the password is needed is when you want to set client.lockbox=false to turn off the lockbox and retrieve the values stored within it.

2.  "Attended mode" means that the lockbox can only be opened with the lockbox admin password.  RKM doesn't use this mode, since it would mean having to provide the lockbox password every time RKM starts up.  Because attended mode is not used, specifying the password won't update the SVs.  Turning the lockbox off and then recreating it could be a workaround to update the SVs. (not tested)

Legacy Article IDa49615