Requirements for Exclusion Key Rules
Keep in mind the following requirements when configuring exclusion key rules:
-
Before adding an exclusion key rule to an existing policy, you must disable all GuardPoints protected with the policy. Log on to the CipherTrust Manager to disable the GuardPoint.
-
You cannot choose a versioned key for the key in an exclusion key rule. Only non-versioned keys or
clear_key
(no encryption) are valid for exclusion key rules. -
All exclusion key rules must be above all LDT transformation key rules in the Key Rules area in the policy.