# Key Store

The **Key Store** is the repository containing RSA and DSA private keys, and optionally the corresponding X.509 Certificate.

By default, the system is distributed with three pre-generated private keys and corresponding X.509 self-signed certificates:

* **driver**: used for DMZ Driver - DMZ Gateway secure connection
* **sampleserverkey1**: to be used for testing purposes only, when a security-enabled server protocol is configured (e.g. SFTP, FTPS, HTTPS)
* **sampleclientkey1**: to be used for testing purposes only, when a security-enabled client protocol is configured (e.g. SFTP, FTPS, HTTPS)

The Key Store contains 3 tabs: **Keys**, **Certificates** and **Symmetric Keys**.

The **Keys** section of the **Key Store** card lists imported private keys.

These columns are available in the **Keys** tab:

* **Name**: unique name of the key
* **Size**: size of the key
* **Algorithm**: RSA, EdDSA, ECDSA

The 3 dots icon allows you to access the **Details**, **Export** and **Delete** options.

<figure><img src="/files/UCojCoD9EmXylKdsDJLO" alt=""><figcaption></figcaption></figure>

Note that DSA keys configured for the client/server SFTP protocol, cannot be longer than 1024 bits. This is due to a limitation in the implementation of the SSH protocol (rfc4253).

To search for keys in the **Keys** tab, either filter individual columns by entering all or part of the term you want to search for in the **field at the top of the column**, or use the **Filters** panel located on the right of the table. **In both methods, the search is case-sensitive**. The difference between these two approaches is the scope of the filtering. When using the first method, the system only considers the fields in a single column. In contrast, the second method applies the filter globally, affecting all fields in the table.

Refer to the [Creating a key](/data-mover-1.21/security/key-stores-and-trust-stores/key-store/creating-a-key.md) and [Importing a Key or Certificate](/data-mover-1.21/security/key-stores-and-trust-stores/key-store/importing-a-key-or-a-certificate.md) pages for the procedure that must be applied to create or import a key. Moreover, the [Examples](/data-mover-1.21/security/key-stores-and-trust-stores/key-store/examples.md) page gives you additional useful information.

{% hint style="warning" %}
When deleting a private key, remember to delete the accompanying X.509 Certificate.
{% endhint %}

The **Certificates** tab of the **Key Store** card lists the certificates of the RSA and DSA private keys.

These columns are available in the **Certificates** tab:

* **Name**: unique name assigned to the key
* **Serial Number**
* **Issuer DN** and **Subject DN**
* **Not before**: the certificate cannot be used before the date specified
* **Not after**: the certificate cannot be used after the date specified

The **Not before** and **Not after** columns can be ordered in ascending or descending mode.

The 3 dots icon allows you to access the **Details**, **Export** and **Delete** options.

<figure><img src="/files/YAH3FXLCRhEtRVW7i0C3" alt=""><figcaption></figcaption></figure>

To search for keys in the **Certificates** tab, either filter individual columns by entering all or part of the term you want to search for in the **field at the top of the column**, or use the **Filters** panel located on the right of the table. **In both methods, the search is case-sensitive**. The difference between these two approaches is the scope of the filtering. When using the first method, the system only considers the fields in a single column. In contrast, the second method applies the filter globally, affecting all fields in the table.

Refer to the [Creating a key](/data-mover-1.21/security/key-stores-and-trust-stores/key-store/creating-a-key.md) and [Importing a Key or Certificate](/data-mover-1.21/security/key-stores-and-trust-stores/key-store/importing-a-key-or-a-certificate.md) pages for the procedure that must be applied to create or import a key. Moreover, the [Examples](/data-mover-1.21/security/key-stores-and-trust-stores/key-store/examples.md) page gives you additional useful information.

The **Symmetric Keys** tab of the **Key Store** lists all symmetric keys.

These columns are available in the **Symmetric Keys** tab:

* **Name**: unique name assigned to the symmetric key
* **ID**: ID associated to the symmetric key
* **Item type**: symmetric key is assigned by the system.

The 3 dots icon allows you to access the **Export** and **Delete** options.

<figure><img src="/files/oXPXkpWbO2i5Sh6jlm1z" alt=""><figcaption></figcaption></figure>

To search for keys in the **Symmetric Keys** tab, either use the **field at the top of the Name column** by entering all or part of the term you want to search for, or use the **Filters** panel located on the right of the table. **In both methods, the search is case-sensitive**.

For detailed information, refer to the [Creating a symmetric key](/data-mover-1.21/security/key-stores-and-trust-stores/key-store/creating-a-symmetric-key.md) page.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.primeur.com/data-mover-1.21/security/key-stores-and-trust-stores/key-store.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.