Wensveen's Blog

October 19, 2018

Quickie: Generate EXM.CryptographicKey with PowerShell

Filed under: Uncategorized — Tags: , , — wensveen @ 9:37 am

The Sitecore documentation states that the EXM.InternalApiKey , EXM.CryptographicKey and the EXM.AuthenticationKey

must be represented in hexadecimal format by 64 characters and you can only use the symbols 0-9 and A-F.

However, it doesn’t say how to obtain said keys, nor the security considerations and implications of said keys. It’s obviously a Bad Thingtm to copy the example, or just use 64 zeroes (or any other character that fits the pattern).

I came up with two quick ways to generate the keys, which are essentially a hexadecimal representation of a 32-byte sequence.

Method 1 (use the .Net Random class)
$r = New-Object Random; $key = ""; for ($i = 0; $i -lt 32; $i++) { $key += $r.Next(256).ToString("X2"); }; $key | Set-Clipboard

Cons: You have to trust the .Net RNG to be secure enough.

Method 2 (use random.org):
(Invoke-WebRequest 'https://www.random.org/cgi-bin/randbyte?nbytes=32&format=h').Content.ToUpper() -Replace "[`n ]","" | Set-Clipboard

Cons: You need an active internet connection (and you need to trust random.org)

Both commands place the generated key on the clipboard, ready to paste into your configuration files.


Blog at WordPress.com.