Wensveen's Blog

October 19, 2018

Quickie: Generate EXM.CryptographicKey with PowerShell

Filed under: Uncategorized — Tags: , , — wensveen @ 9:37 am

The Sitecore documentation states that the EXM.InternalApiKey , EXM.CryptographicKey and the EXM.AuthenticationKey

must be represented in hexadecimal format by 64 characters and you can only use the symbols 0-9 and A-F.

However, it doesn’t say how to obtain said keys, nor the security considerations and implications of said keys. It’s obviously a Bad Thingtm to copy the example, or just use 64 zeroes (or any other character that fits the pattern).

I came up with two quick ways to generate the keys, which are essentially a hexadecimal representation of a 32-byte sequence.

Method 1 (use the .Net Random class)
$r = New-Object Random; $key = ""; for ($i = 0; $i -lt 32; $i++) { $key += $r.Next(256).ToString("X2"); }; $key | Set-Clipboard

Cons: You have to trust the .Net RNG to be secure enough.

Method 2 (use random.org):
(Invoke-WebRequest 'https://www.random.org/cgi-bin/randbyte?nbytes=32&format=h').Content.ToUpper() -Replace "[`n ]","" | Set-Clipboard

Cons: You need an active internet connection (and you need to trust random.org)

Both commands place the generated key on the clipboard, ready to paste into your configuration files.

HTH,
Matthijs

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: