Skip to main content

Step 2: Register Site-Key Admin Account

Last updated: May 20, 2026Latest Frontend Version: 2.17.3
In this section
  • How to register a site-key admin account.
  • Site-key admin principles.
  • How to activate the site-key.
  • Reassigning the site-key to a new admin.

Prerequisites

Access Level:

Sitekey-admin

Permission Requirements

  • None.

Register a Site-Key Admin Account

To create a site-key admin account in tiCrypt, follow these steps:

  1. Open Connect Application.
  2. Select your deployment card.
  3. In the login window, select the Site-key category.
  4. Click the Create new site key button in the center.
  5. In the new window, click Continue.
  6. Enter your password twice to confirm and decrypt your site-key.
  7. Click Continue.
  8. Select a folder to save your public-private site-key pair and click Save.
  9. Click Redownload private or public key if you need to download your site-key pair again.
  10. Click Continue to site key.
  11. Wait for the Tera Insights team to counter-sign your keys.
  12. Once the keys are counter-signed, click Load key on the login page.
  13. Open the counter-signed site-key file that you saved locally.
  14. You will now be logged in.
info

Each deployment can have only one Site-Key Administrator. This role is critical for system security, enabling the creation of escrow groups and the management of other users' keys. All site-key signing operations must be performed offline to ensure security.

Confirmations, Errors & Solutions
Create Escrow Group Confirmation

Created request for new escrow group "name-of-the-escrow-group".

Export Certificates Confirmation

Exported total-number certificates to signed-certificates.json.

Unmatched Passwords

Passwords do not match.

Re-enter Passwords

Re-enter the same password in the Password field and the Confirm Password field.

Not Contacting Tera Insights Team

Please contact Tera Insights or your system administrator for more information and the next steps.

Contact Tera Insights Team

Contact the Tera Insights team at info@terainsights.com to activate your site-key account.

Not Entering Your Password Upon Signing

You must enter the password to decrypt your key.

Enter Your Password

You must enter your site-key password to decrypt your private key and sign the certificates in the site-key interface.

Failed to Sign Certificates

Failed to sign certificates: incorrect password.

Re-enter Password in Password Field

When logged into the Site-key interface, re-enter your password by the selected certificates and click Sign all and download.

Purpose of the Site-Key in tiCrypt

The site-key is a unique private key designed for specific scenarios involving escrow users.

In tiCrypt, the site-key mechanism, managed by the Site-Key Administrator, enables the management of escrow users. To function, the site-key must be counter-signed by Tera Insights, LLC and integrated into the tiCrypt backend via a configuration file.

Site-Key Activities Include:

  • Key Pair Generation: The Site-Key Administrator generates a public-private key pair using tiCrypt’s front-end dedicated to site-key operations.

  • Private Key Stewardship: Maintaining the security of the private site-key is essential, as it underpins the security of escrow keys and, by extension, user keys.

  • Escrow Group Management: The Administrator is responsible for creating and disbanding escrow groups according to operational needs.

  • Escrow User Management: This involves adding new escrow users to groups and removing them as required to maintain system security and functionality.

These responsibilities reflect the central role of the Site-Key Administrator in maintaining tiCrypt's security framework and safeguarding user data.

The site-key is:

  • Received and counter-signed by Tera Insights, LLC.
  • Fully dissociated from the tiCrypt backend.
  • Shared only via super-admin collaboration.
  • Used only to sign digital orders that specify escrow users and group administration.
  • Once signed, it is safely emailed or transferred via thumb drives to the tiCrypt super-administrator.
info
  • The system has no record of where the site-key resides.
  • Site-key administration is fully dissociated from the tiCrypt backend and does not require backend access.
  • There is a single site-key admin in every system. If the site-key admin leaves the organization, a new set of site-keys is produced.
caution

The generated public key file (pub.json) remains inactive until it is counter-signed by Tera Insights.

Activating a New Site-Key

Site-keys are generated upon Site-Key Admin account registration. Only the Tera Insights, LLC team can activate the site-key.

Reassigning the Site-Key to a New Site-Key Admin

Avoid reassigning the site-key to a new Site-Key Administrator unless necessary. If reassignment is necessary, resend the public key to Tera Insights for re-signature.

Important Considerations for Digital Signatures:

  • Perform the signing process offline in a secure environment.
  • Control and monitor who can be an escrow user.
  • Work with the escrow group to recover user private keys.