7.2. Finding Archived Keys

Archived keys can be searched to examine the key details or to initiate recovery. Selecting search criteria and selecting a key from the search results is the same for both operations.
To search for and list archived keys:
  1. Open the DRM agent services page.
  2. Click Search for Keys or Recover Keys to display the search criteria form.
    When selecting the Recover Keys operation, there is an additional option to initiate recovery for any key that is found.
    Search for Keys Page

    Figure 7.1. Search for Keys Page


  3. To search by particular criteria, use the different sections of the Search for Keys or Recover Keys form. To use a section, select the check box for that section, then fill in any necessary information.
    • Owner name. Finds an archived key with a specific owner name. The owner name for a key, like the subject name for a certificate, consists of a string that can be used in searches.

      NOTE

      Certificate System certificate request forms support all UTF-8 characters for the common name (owner name), and the common name field is included in the subject name of the certificate. This means that the searches for subject names or the common name in the subject name support UTF-8 characters.
    • Key identifiers. Finds an archived key with a specific key identifier or to list all keys within a range of key identifiers.
      • To find a key with a specific key identifier, enter the key identifier in both the upper limit and lower limit fields in decimal or hexadecimal form. Use 0xto indicate the beginning of a hexadecimal number; for example, 0x2A. Key identifiers are displayed in hexadecimal form in the Search Results and Details pages.
      • To find all keys within a range of key identifiers, enter the upper and lower limits of the key identifier range in decimal or hexadecimal form.
      Leaving either the lower limit or upper limit field blank displays all keys before or after the number specified.
    • Certificate. Finds the archived key that corresponds to a specific public key. Select the check box and paste the certificate containing the base-64 encoded public key into the text area.

      NOTE

      The encryption certificate associated with the key pair must be found first. Use the Certificate Manager agent services page to find the certificate; for instructions, see Section 4.3, “Examining Certificate Details”.
    • Archiver. Finds keys that were archived by a specific server. Select the check box and enter the user ID of the Certificate Manager that submitted the key archival request. This information is available only for archival requests from servers that are remote from the DRM. To put a limit on the number of results returned, fill in a value for maximum results. To limit the time allowed for the search, enter a value for time limit in seconds.
  4. After entering the search criteria, click Show Key.
    The DRM displays a list of the keys that match the search criteria. Select a key from the list to examine its details. If the search was initiated with the Recover Keys button, there is the additional option of recovering any key returned by the search.
    Search Results Page

    Figure 7.2. Search Results Page


  5. In the Search Results form, select a key.
    If a desired key is not shown, scroll to the bottom of the list and use the arrows to move to another page of search results.
  6. Click the ID number next to the selected key. The details of the selected key are shown in the Key details page. It is not possible to modify the key through this page.
Key Details Page

Figure 7.3. Key Details Page