PGP Encryption Server Organization Key is renewed 31 days prior to expiry (Symantec Encryption Management Server)
search cancel

PGP Encryption Server Organization Key is renewed 31 days prior to expiry (Symantec Encryption Management Server)

book

Article ID: 209992

calendar_today

Updated On:

Products

Encryption Management Server Gateway Email Encryption PGP Command Line PGP Encryption Suite PGP Key Management Server PGP Key Mgmt Client Access and CLI API PGP SDK Desktop Email Encryption Drive Encryption Endpoint Encryption File Share Encryption

Issue/Introduction

The PGP Encryption Server Administrator's Guide states that the Organization Key automatically renews itself one day before its expiration date.

However, while the PGP Encryption Server (Symantec Encryption Management Server) renews other managed keys one day before their expiration dates, it renews the Organization Key 31 days before its expiration date.

 

Environment

Symantec Encryption Management Server release 10.5.0 and above.

Resolution

By default, its expiration date will be updated to one year after the date it was renewed. Only the expiration date is modified, all other attributes remain the same.

Note that the Organization Certificate, if present, does not get renewed automatically. Once the Organization Key has been renewed, delete the Organization Certificate and create a new one. The new Organization Certificate will have the same expiration date as the renewed Organization Key.

For PGP Encryption Server 10.5, it renews the Organization Key 31 days before its expiration date.

For the PGP Encryption Server 3.4.2 and older, the Organization Key automatically renewed itself one day before its expiration date. It renews with all the same settings.

If the Organization Key has not been renewed automatically 31 days prior to expiry, please contact Symantec Encryption Support.

Note: If an Ignition Key passphrase is forgotten, the Organization Key can be used to unlock the PGP server.  Make sure you backup your keypair of the Organization Key and also know the passphrase. 

Additional Information

EPG-22725
EPG-25053