Environment Variables for CNG Protection
A set of environment variables are supported for controlling CNG protection options on a per-application basis. These variables are documented here to facilitate more complicated deployments, but it should be noted that they are liable to change between releases.
Environment Variable | Description | ||
---|---|---|---|
|
Passphrase for Softcard. This enables the passphrase to be specified programmatically rather than through the GUI passphrase prompt. Note: This can expose your passphrase.
|
||
|
|
||
|
If
|
||
|
By default, if a CNG provider must display GUI, it will display it in the calling application if not in Session 0, and in the nShield Service Agent if running in Session 0 (for example, running as a service). Setting (If setting this value to 1 ensure that the nShield Service Agent is running). |
||
|
Namespacing allows multiple users to generate user keys of the same name. Namespacing is enabled by default.
|
||
|
Configures the default permissions for the key blob files when machine keys are generated if no security descriptor is provided by the application.
By default, the machine key access control is configured as
|
||
|
Configures the default permissions for the key blob files when user keys are generated if no security descriptor is provided by the application.
By default, the user key access control is configured as
|
||
|
By default, this is used if an application, for example
|