Differences

This shows you the differences between two versions of the page.

--- tutorial:adm:czechidm_installation_win [2020/10/01 14:45]
urbanl old revision restored (2020/09/08 12:11)
+++ tutorial:adm:czechidm_installation_win [2020/10/21 08:55]
fiserp [Create CzechIdM configuration]
@@ Line 95: / Line 95: @@
 Now we will create configuration files the CzechIdM will use.
 <note>Code snippets in this chapter can be **mostly** copy-pasted or (but please read through whole chapter to be aware of setting you have to adjust). Configuring the CzechIdM is about altering four or five lines altogether.</note>
-  * The **C:\CzechIdM\etc\secret.key** is a file with confidential storage secret key. This key has to have 128 bit (= 16 bytes). Creation of the **secret.key** is a bit tricky (because Windows). Open the Git Bash, run the **vim** editor and type the key into the file. Then check its format.<code>
+  * The **C:\CzechIdM\etc\secret.key** is a file with confidential storage secret key. This key has to have 128 bit (= 16 bytes) or 256 bit (= 32 bytes), length of the key determines the cipher which will be used: AES-128, or AES-256 respectively. Creation of the **secret.key** is a bit tricky (because Windows). Open the Git Bash, run the **vim** editor and type the key into the file. Then check its format.<code>
 cd /c/czechidm/etc
 # start the vim editor
 vim secret.key
 # press "i" to switch to input mode
-# type the 16 characters of the secret key
+# type the 16 or 32 characters of the secret key
 # press ESC to switch to command mode
 # type :wq
 # press ENTER
 # now you should see that secret.key file has been created, check its contents
-# the file should be EXACTLY 17 BYTES LONG, 16 bytes for your key and the last byte "0a"
+# the file should be EXACTLY 17 or 33 BYTES LONG, 16 or 32 bytes for your key and the last byte "0a"
 xxd -p secret.key
 ... hex dump here ... text dump here ...