Updating encrypted data using MigrateEncryptedInfo (server online)
When the server is running, you can change the merchant key and update encrypted data with the MigrateEncryptedInfo utility. Use the Key Locator Framework (-k) option to specify the old and new keys to assign a version number to each key.
Note: To update encrypted data with the MigrateEncryptedInfo utility while the server is offline,
see Updating encrypted data using MigrateEncryptedInfo (server offline).
Before you begin
- The site must use a merchant key that is configured in the Key Locator Framework. That is, a custom key configuration file is already specified in Transaction server Docker container in application_dir/xml/config/wc-server.xml file.
- For Oracle databases, set the UNDO table space to a sufficiently large size.
From an SQLPlus prompt, enter the following
command:
alter database datafile undotablespace datafile autoextend on maxsize unlimited;
Procedure
- Back up your database, following the instructions in your database engine documentation.
-
Prepare the new key files and the key
configuration file.
Specify a new version for the new key that is different from the version that is used by the existing current key. Typically, the version is one higher than the version of the current key. Place the key configuration file in the following directory:
- workspace_dir/WC/xml/config
- (In the Utility server Docker container) application_dir/xml/config
- Package the changes to the custom XML files (For example, merchantKey_v2.xml, CustomKeys.xml, KeyEncryptionKey.xml, newMerchantKey_v2-1.xml, and newMerchantKey_v2-2.xml).
-
When all the servers are updated with the new key registered: