Adding a Group Key to an Existing Group on the Symantec Encryption Management Server


Article ID: 155582


Products

Symantec Products

Issue/Introduction

How do I add a Group Key to an existing group on the Symantec Encryption Management Server?

 

For information on other topics for File Share Encryption, see the following articles:
155519 - Best Practices for Creating and Managing Symantec FileShare Encrypted Folders
180791 - Symantec File Share Encryption Group Key FAQ's.
180789 - How do I create a new Group with a File Share Encryption Group Key on Symantec Encryption Management Server?
161242 - Encrypting network file shares to Group Keys with Symantec File Share Encryption

Resolution

Adding a Group Key to an Existing Group

To add a group key to an existing group on the Symantec Encryption Management Server:

  1. Log in to the Symantec Encryption Management Server admin interface.
  2. Go to the Consumers > Groups page.
  3. Click on the name of the group to which you want to add a group key.
  4. In the Keys row, click View.

    Important:
    If a Group Key is already listed here, adding a new one is not recommended unless you know the existing key has been compromised. Consult with your team to decide whether this is a good option for you. A compromised Group Key is highly unlikely, because the key is protected on the server and is not accessible to any regular users. The keypair of the Group Key is never downloaded to or saved with end users, so generate new Group Keys with caution.

  5. Click Add Group Keys to add a group key to this group.
  6. Click Generate to create a new group key or Import to import an existing keypair as the group key.

    When you click Generate, a new group key will be created using the current default settings for a group key.

    When you click Import, the Import Key page appears. Select a key file or paste a key block, enter the passphrase of the private key, then click Import.

  7. Click Save to add the key to the group.

Caution: A group can have only one active group key. If you add a group key to a group that already has a group key assigned, the existing group key will be overwritten by the group key you are adding.

As mentioned above, proceed with caution. To find out whether your group already has a Group Key, go to the overview page and check for a double-key icon to the right, which indicates the presence of this key.

Additionally, if you click the group and then click View in the "Keys" section, you can see the existing Group Key associated with the group.

 
