Quickie: Generate EXM.CryptographicKey with PowerShell

The Sitecore documentation states that the EXM.InternalApiKey , EXM.CryptographicKey and the EXM.AuthenticationKey

must be represented in hexadecimal format by 64 characters and you can only use the symbols 0-9 and A-F.

However, it doesn’t say how to obtain said keys, nor the security considerations and implications of said keys. It’s obviously a Bad Thingtm to copy the example, or just use 64 zeroes (or any other character that fits the pattern).

I came up with two quick ways to generate the keys, which are essentially a hexadecimal representation of a 32-byte sequence.

Method 1 (use the .Net Random class)
$r = New-Object Random; $key = ""; for ($i = 0; $i -lt 32; $i++) { $key += $r.Next(256).ToString("X2"); }; $key | Set-Clipboard

Cons: You have to trust the .Net RNG to be secure enough.

Method 2 (use random.org):
(Invoke-WebRequest 'https://www.random.org/cgi-bin/randbyte?nbytes=32&format=h').Content.ToUpper() -Replace "[`n ]","" | Set-Clipboard

Cons: You need an active internet connection (and you need to trust random.org)

Both commands place the generated key on the clipboard, ready to paste into your configuration files.

HTH,
Matthijs