One of the prerequisites for database encryption is to install an X.509 certificate with both public and private keys. This certificate needs to be installed into a key container and be accessible by accounts used to run Cyara Platform components.
- IIS Application Pool user that is running the Cyara Web Portal.
- Account used for Voice Scheduler and Omni Scheduler on server(s) running these services (service Log-on Account).
To Install on Local Machine
Use the administrator account to install the certificates into local computer/personal store by following the steps below.
Open a Command Prompt and run the following command:
certutil -f -privateKey -importPFX filename.pfx NoProtect
For example, certutil -f -privateKey -importPFX CyaraPlatformEncryptionExample.pfx NoProtect
where CyaraPlatformEncryptionExample.pfx is the file name of the certificate to be imported.
PFX password when prompted.
The following messages appear on your command prompt:
Certificate "CN=CyaraPlatformEncryptionExample" added to store.
CertUtil: -importPFX command completed successfully.
Grant Access to Private Key
To grant access to the private key, follow the steps below:
Open a Command Prompt and run the command:
mmc.exe. A screen as shown below appears:
Add/Remove Snap-in. A screen as shown below
- Select Certificates and click the Add > button.
Computer account option on the following
screen and click
Local computer... option in the next dialog
- Click Finish and then click OK. The Certificate is added to the Console Root.
Certificates (Local Computer) >
Personal, then the
Certificates folder and then select the
certificate from the right-hand panel. Then, right-click it and select
Manage Private Keys.
Add button on the Permissions dialog box.
- Locate the applicable account that needs access to the private key. This is either the Service Account (if services aren't running as Local System) and it's IIS Application Pool User Account(s), and click OK.
Read permission is given to the relevant
account and then click