Updating encrypted data using MigrateEncryptedInfo (server offline)
You can change the merchant key and update the encrypted data using the command line tool, MigrateEncryptedInfo. This utility supports two ways of specifying the values of the merchant keys. One is to provide the actual values of the old and new merchant keys as command line arguments. The other is to retrieve the values through the Key Locator Framework.
Note:
- If you want to consider an option with a minimal downtime, see Updating encrypted data using MigrateEncryptedInfo (server online).
You can now run the
MigrateEncryptedInfo utility in a development
environment as long as the server is offline.
Procedure
- Back up your database, following the instructions in your database engine documentation.
- Stop the Transaction server Docker container.
-
Run the MigrateEncryptedInfo utility
Ensure that you are aware of the following considerations when running the utility:
- If your merchant key is stored in an external file and you want to change the value, complete the steps in Changing the merchant key value in an external file.
- If your merchant key is stored in an external file and you want to change the value by using the -interactive parameter and store it to a different file, complete the steps in ../refs/rsemigrateencryptinfo.html#rsemigrateencryptinfo__Example2.
The MigrateEncryptedInfo utility generates the following log files:- CCInfoMigration.log
- migrateFailedRecords_TABLENAME.log
- MKChangeUserAndCCInfoMigration.log
- MigrateEncryptedInfoError.log
- (In the Utility server Docker container) /opt/WebSphere/CommerceServer90/logs
- WCDE_installdir/logs
Review the information in these log files and ensure they do not contain any error messages. To re-encrypt multiple records in parallel, use more than one thread.