Managing legacy key encryption

Re-encrypt private keys

  1. Navigate to Settings  Legacy Key Encryption.

  2. Select the appropriate organization or department, and click Re-Encrypt.

    There is only one encryption key pair for all MRAOs and it is not associated with specific organizations or departments.
  3. Copy and save the encryption private key in a secure location.

  4. Click Done.

Recover client certificate private keys

Retrieving a client certificate private key from secure storage results in the revocation of that certificate, regardless of the administrator’s level.
  1. Navigate to Certificates  Client Certificates.

    You can also recover client certificate private keys from the Persons page.
  2. Select the certificate for which you want to recover the private key, and click View.

  3. In the Client Certificate dialog, click the Download icon, and select Certificate and Private key, PKCS#12, Legacy.

  4. Enter a password for the downloaded .p12 file.

  5. Paste the encryption private key.

  6. Select an encryption algorithm.

  7. Click Download.