The Symantec Encryption Management Server (SEMS) Key Cache purge routines differ depending on how keys are retrieved. Keys retrieved from external key servers are purged as expected through the scheduled Key Cache. Keys that are retrieved from mail flow are stored and may not be removed at the same time.
Public keys that are acquired from external users are automatically cached on SEMS. When mail traverses through SEMS the public keys can, and may be harvested via key cache. SEMS can also be configured to search for and cache the public keys of recipients by means of a key server lookup. SEMS will then store those keys locally in Key Cache.
This is the intended behavior. The idea of Key Cache is to find the needed keys in an easier way. So, there is little interest to purge the cache in a shorter interval. If for some reason this is frequently required, please contact Technical Support.
An alternative; cached imported keys can also be purged from the management console via Keys > Key Cache > Options > Purge Selected.
Seen that the owner (or manager) of the key selects the expiration date. It is this person who determines how long a key can be used. Thus, increasing the cache expiration period does not make sense. If keys are required for longer periods, they should be imported. In the management console go to Keys > Key Cache > Options > Import Selected.
Subscribing will provide email updates when this Article is updated. Login is required.