Converting To AES256 Encryption And Changing The Master Password In Top Secret

book

Article ID: 16569

calendar_today

Updated On:

Products

CA Top Secret CA Top Secret - LDAP

Issue/Introduction

Is there a way to convert the Top Secret security file from AES128 to AES256 encryption and change the MSCA password at the same time?

Environment

Release:
Component: TSSMVS

Resolution

There isn't a way to change the MSCA password at the same time as the conversion.

The documentation to convert to AES256 encryption is here:

Implement 256-Bit AES Encryption for Passwords/Password Phrases


An SCA with the proper administrative authority to change passwords and UPDATE access to CASECAUT(TSSCMD.USER.REPLACE.MSCAPW) can change the MSCA's password.

TSS ADD(dept) CASECAUT(TSSCMD.)   (if not already done) 
TSS PER(scaacid) CASECAUT(TSSCMD.USER.REPLACE.MSCAPW) ACCESS(UPDATE)

The MSCA password change can be done before or after the conversion to AES256 encryption.