This article describes how to use SafeGuard LAN Crypt to protect the Password Log file. The Password Log contains the passwords for the generated PKCS#12 files and can be used, for example, to create a PIN letter.
Here you specify the storage location and name of the log file for generated PKCS#12 files.
Note: You should protect this file and under no circumstances save it in the same folder as the POL files.
What To Do
Note: Ensure that the user who is assigning certificates has file system rights to change the Password Log file, otherwise SafeGuard LAN Crypt will not be able to generate certificates.
- Install the Administration and Client on the same computer.
- After creating the initial Master Security Officer, create an encryption rule that encrypts the Password Log file,
- Generate a profile for the initial MSO, and load the profile. Running the initial encryption wizard will encrypt the password log file. To ensure that the password for the initial MSO was not compromised while the file was not encrypted, create a new certificate and assign it to the initial MSO.