
encryptChallengeAnswer utility
The encryptChallengeAnswer utility encrypts plain text data that is stored in the database column USERREG.CHALLENGEANSWER.
The MemberSubSystem/challengeAnswerEncrypted
configuration attribute in the
instance configuration file must be set to true to encrypt the data.
Before you begin
Set the HostName and HostJDBCPort parameters in the utilities_root/schema/DBTYPE/migration/encryptChallengeAnswerDBUpdate.txt configuration file.
Syntax
Parameter values
- database_type
- Is your database type (db2 for DB2 databases, or oracle for Oracle databases).
- instance_name
- Is a mandatory parameter for the name of the instance, which to update.
- num_of_threads
- The number of threads that are created to re-encrypt the data. It is recommended that this number matches the number of processors on the server that is running the utility.
- commit_count
- The number of records that are processed before the transaction is committed. Set the commit_count to the maximum number of transactions that your database transaction log allows. A suggested value for this parameter is 5000.
If the merchant keys are not retrieved from the Key Locator Framework, the following list shows the accepted parameters:
- current_merchant_key
- Is a mandatory parameter for the current merchant key.
If the merchant keys are retrieved from the Key Locator Framework, the accepted parameters are:
- -k keys_config_file_location
- Specify both the current key and the new key. The new key will be used to encrypt the challengeAnswer.
Example 1
The current merchant key, 1234567890abcdef1234567890abcdef, is stored in encrypted format in the instance.xml file, and you want to encrypt the existing plain text challenge answer values in the database using this merchant key. In the example, the data is stored in a DB2 database and "demo" is the instance name:
encryptChallengeAnswer db2 demo 4 5000 1234567890abcdef1234567890abcdef