encryptChallengeAnswer utility
Recommended action: Use the MigrateEncryptedInfo utility to encrypt USERREG.CHALLENGEANSWER. You must first set the MemberSubSystem/challengeAnswerEncrypted flag in the wc-server.xml configuration file to true.
The encryptChallengeAnswer utility encrypts plain text data that is stored in the database column USERREG.CHALLENGEANSWER.
The MemberSubSystem/challengeAnswerEncrypted
configuration attribute in the
instance configuration file must be set to true to encrypt the data.
Before you begin
Set the HostName and HostJDBCPort parameters in the utilities_root/schema/DBTYPE/migration/encryptChallengeAnswerDBUpdate.txt configuration file.
Syntax
Parameter values
- database_type
- Is your database type (db2 for DB2 databases, or oracle for Oracle databases).
- instance_name
- Is a mandatory parameter for the name of the instance, which to update.
- num_of_threads
- The number of threads that are created to re-encrypt the data. It is recommended that this number matches the number of processors on the server that is running the utility.
- commit_count
- The number of records that are processed before the transaction is committed. Set the commit_count to the maximum number of transactions that your database transaction log allows. A suggested value for this parameter is 5000.
If the merchant keys are not retrieved from the Key Locator Framework, the following list shows the accepted parameters:
- current_merchant_key
- Is a mandatory parameter for the current merchant key.
If the merchant keys are retrieved from the Key Locator Framework, the accepted parameters are:
- -k keys_config_file_location
- Specify both the current key and the new key. The new key will be used to encrypt the challengeAnswer.