Change the Encryption Mode
You can change the encryption mode used by Composer (for example to change from AES to AES/CBC/PKCS5Padding encryption). The encryption mode you select is used to encrypt connection parameters, secure user attributes, and Trusted Access tokens.
We recommend that you change the encryption mode used by Composer with the assistance of Composer Technical Support.
If you are upgrading to a newer version of Composer and you also want to change your encryption mode, perform the upgrade first and then complete the steps described here.
You must have system administration privileges to change the encryption mode.
You must have the full-strength Java Cryptography Extension (JCE) installed in your Java virtual machine (it's not there by default). You can download the JCE Unlimited Strength Jurisdiction Policy Files from Oracle at the following link: https://www.oracle.com/java/technologies/javase-jce8-downloads.html.
See also Encrypt Configuration Properties.
To change the encryption mode:
Start the Composer microservice. This will populate the Composer database using the original encryption (for example AES). See Start Composer Microservices.
Stop the Composer microservice. See Stop Composer Microservices.
Back up the Composer database. See Back Up the Metadata Store.
Modify the following encryption properties in the
zoomdata.properties
file:security.encryption.algorithm
andsecurity.encryption.key.algorithm
. For example:security.encryption.algorithm=AES/CBC/PKCS5Padding
security.encryption.key.algorithm=AESStart the Composer microservice. Composer will start using the new properties and the new encryption method. See Start Composer Microservices.
Comments
0 comments
Please sign in to leave a comment.