How to Generate Profile Encryption Keys Using Windows PowerShell
This topic provides guidance on how to use Microsoft Windows PowerShell to generate a new profile encryption key to protect properties in the Profiles store of the Commerce Server Core Systems. You can use Windows PowerShell as an alternative to using the Profile Key Manager command line interface to generate new keys.
For detailed information about using the key generation process and about the Profile Key Manager tool itself, see Profile Key Manager.
Prerequisites
See Using Windows PowerShell for SharePoint 2010 Commerce Deployment for a list of variables and sample values that may be used in sample scripts provided in this topic.
Prior to generating the keys, see Preparing to Use the Profile Key Manager.
To generate a profile encryption key using Windows PowerShell
Following is a sample Windows PowerShell script that generates a new key and then adds the encrypted key to the registry.
$CommerceServerSiteName = "StoreFrontSite"
$ProfileKeymanagerPath = "C:\Program Files (x86)\Microsoft Commerce Server 9.0\Tools\ProfileKeyManager.exe"
$KeyFileName = $CommerceServerSiteName + ".key"
[Diagnostics.Process]::Start($ProfileKeymanagerPath, " /kn /o " + $KeyFileName)
$regPath = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CommerceServer\9.0 Keys\" + $CommerceServerSiteName
[Diagnostics.Process]::Start($ProfileKeymanagerPath, " /ke /f /kf .\" + $KeyFileName + " /reg """ + $regPath + """")
See Also
Other Resources
Using Windows PowerShell for SharePoint 2010 Commerce Deployment
Walkthrough: Deploying SharePoint 2010 Commerce Solution in a Two-Tier Topology
Walkthrough: Deploying a SharePoint 2010 Commerce Solution in a Three-Tier Topology