Key management on the UTM
Last adaptation to the version: 12.6.1
New:
Neuer Schlüssel-Typ: OVPN_STATIC_KEY
Preliminary note
The keys on the UTM are used both for encryption (e.g. of VPN connections) and for signing (e.g. DKIM)
Locally generated keys always consist of a public and a private part
Only the public part should end up in someone else's hands
Schlüssel Übersicht
Caption
Description
Key management
Name
Name of the key
Type
Key type
RSA
x25519
ed25519
OVPN_STATIC_KEY notempty New as of v12.6.1
Hash
Hash value of the key
Length
Key bit length
Export key
Public part (Format )
Key part is saved as a file in the set format (see below) The suggested file name consists of the name of the key and - depending on the key part - the extension priv or pub .
Public part (Format )
Key part is copied to the clipboard in the set format (see below)
Delete
Deletes the key
Opens the key export settings
Dropdown menu with settings for key export
Export destination
File Clipboard
Exports the respective key part either to a file or to the clipboard
RSA export format:
Pem HEX B64
Exports the RSA key part in Pem, Hex or Base64 format
ED25519/X25519 export format:
Pem RAW
Exports ED25519/X25519 keys in Pem or RAW format
Add key
Create a new key with the Add key button.
Name:
RSA-Demo
Enter the desired name of the key
Add key dialog
Type
RSA
Select cryptographic method RSA used for: IPSec, Mailrelay
ED25519
Used for: Mailrelay (signing)
X25519
Used for: WireGuard
OVPN_STATIC_KEY notempty New as of v12.6.1
Verwendet für statische SSL-VPN Schlüssel (openvpn tls-auth)
Key length: Only for RSA:
512
1024
2048
3072 (Default)
4096
Select bit-length of the key
Legt den Schlüssel an und schließt den Dialog
Schließt den Dialog ohne einen Schlüssel anzulegen
Import key
Import a key by clicking the Import key button.
Import from file
Import option:
File Clipboard
The import is done from a file. The key name corresponds to the file name followed by the format
Import key from file dialog
Datei:
Browse...
Select the file that contains the key to be imported
File type:
determine automatically
The key type can be determined automatically. Alternatively, type can be specified manually.
Format
PEM RAW HEX B64
Select the format in which the key is provided
Type Only for RAW, HEX & B64
private
The key is to be imported as a private key part
public
The key is to be imported as a public key part
Import from clipboard
Import option:
File Clipboard
Der Import erfolgt über die Eingabe eines Wertes
Dialog Import key from clipboard
Name
ed25519-mx.ttt-point.de
Enter the desired name of the key
Key value
MCowBQYDK2VwAyEA…
Key from the clipboard
File type:
determine automatically
The key type can be determined automatically. Alternatively, type can be specified manually.
Format
PEM RAW HEX B64
Select the format in which the key is provided
Type Only for RAW, HEX & B64
private
The key is to be imported as a private key part
public
The key is to be imported as a public key part