Completing Deployment by Backing Up the Encryption Key

  • Article

Applies To: System Center Service Manager 2010 SP1

When you deployed your Service Manager management server and database, an encryption key was created so that data between the Service Manager and data warehouse management servers and their associated databases could be encrypted. When you deployed the Self-Service Portal, an encryption key was created so that data between the Self-Service Portal and Service Manager database could be encrypted. Your disaster recovery strategy depends on you backing up the encryption key as soon as you complete the Service Manager installation. After you back up the encryption keys and store them in a safe location, you can recover from software or hardware failures on the Service Manager, data warehouse management servers, and Self-Service Portal. Use the Encryption Key Backup or Restore Wizard to back up and restore encryption keys on the Service Manager management servers and Self-Service Portal. This wizard is located on the Service Manager installation media in the Tools\SecureStorageBackup folder.

Note

In this release, the wizard contains references to Operations Manager. This issue will be resolved in a future release.

To back up the encryption key

  1. Log on to the computer that hosts the Service Manager management server, data warehouse management server, or Self-Service Portal by using an account that is a member of the Administrators group.

  2. In Windows Explorer, open the Tools\SecureStorageBackup folder on the installation media.

  3. Double-click the SecureStorageBackup.exe file to start the Encryption Key Backup or Restore Wizard.

  4. On the Introduction page, click Next.

  5. On the Backup or Restore? page, select Backup the Encryption Key, and then click Next.

  6. On the Provide a Location page, type the path and filename for the encryption key. For example, if you want to specify the filename SMBackupkey.bin as the encryption key and save the key on the server MyServer in the Backup folder, type \\MyServer\Backup\SMBackupkey.bin, and then click Next.

  7. On the Provide a Password page, type a password that contains at least eight characters in the Password box. In the Confirm Password box, re-enter the same password, and then click Next.

    Note

    Recovery of the password is not possible if it is lost or forgotten.

  8. After you receive the message Secure Storage Backup Complete, click Finish.

To restore the encryption key

  1. Log on to the computer that hosts the Service Manager management server, data warehouse management server, or Self-Service Portal by using an account that is a member of the Administrators group.

  2. In Windows Explorer, open the Tools\SecureStorageBackup folder on the installation media.

  3. Double-click the SecureStorageBackup.exe file to start the Encryption Key Backup or Restore Wizard.

  4. On the Introduction page, click Next.

  5. On the Backup or Restore? page, select Restore the Encryption Key, and then click Next.

  6. On the Provide a Location page, type the path and filename for the encryption key. For example, if you want to specify the filename SMBackupkey.bin for the encryption key and save the key on the server MyServer in the Backup folder share, type \\MyServer\Backup\SMBackupkey.bin, and then click Next.

  7. On the Provide a Password page, type the password that you used to back up the encryption key in the Password box. In the Confirm Password box, re-enter the same password, and then click Next.

  8. After you receive the message, Secure Storage Key Restore Complete, click Finish.

Did you find this information helpful? Please send your suggestions and comments about System Center Service Manager documentation to scsmdocs@microsoft.com.