diff --git a/pages/key-manager/api-cli/create-dek-api-cli.mdx b/pages/key-manager/api-cli/create-dek-api-cli.mdx index 3f24ec0308..2afdfc4ffd 100644 --- a/pages/key-manager/api-cli/create-dek-api-cli.mdx +++ b/pages/key-manager/api-cli/create-dek-api-cli.mdx @@ -68,7 +68,7 @@ If you need to use your DEK, you can decrypt it using the [Decrypt data operatio **Key Manager does not handle direct data encryption**. It is specifically designed to **encrypt and decrypt Data Encryption Keys (DEKs) and is limited to processing inputs up to 64 kB in size**. -However, you can use the DEK independently from Key Manager, for example with the [Tink extension](replace-with-link) or with [OpenSSL](replace-with-link). +However, you can use the DEK independently from Key Manager, for example with the [Tink extension](/key-manager/api-cli/encrypt-decrypt-data-with-km-dek/) or with [OpenSSL](/key-manager/api-cli/encrypt-decrypt-data-with-km-dek/). The way the KEK is generated, its length, and the encryption algorithm used, **cannot be changed or customized after creation**. However, unlike the KEK, you have the flexibility to choose any encryption algorithm (cipher) you prefer for encrypting and decrypting your data with the DEK. You are not restricted to a specific encryption method for the data itself. diff --git a/pages/key-manager/api-cli/encrypt-decrypt-data-with-km-dek.mdx b/pages/key-manager/api-cli/encrypt-decrypt-data-with-km-dek.mdx index a60ca229cb..df84c55438 100644 --- a/pages/key-manager/api-cli/encrypt-decrypt-data-with-km-dek.mdx +++ b/pages/key-manager/api-cli/encrypt-decrypt-data-with-km-dek.mdx @@ -171,7 +171,7 @@ Open a terminal and paste the following command to perform the actions described ### Encrypting a DEK manually -1. [Generate one data encryption key](replace-with-link) **for each plaintext you want to encrypt**. +1. [Create one data encryption key](/key-manager/how-to/create-manage-dek/) **for each plaintext you want to encrypt**. This ensures that each encryption operation uses a unique encryption key, enhancing security.