BAR_ENCRYPTION configuration parameter
Use the BAR_ENCRYPTION parameter to encrypt the backups.
- onconfig.std value
-
Not set. Backup data is not encrypted.
- takes effect
- When ON-Bar starts.
Usage
Use the BAR_ENCRYPTION configuration parameter to enable backup encryption, set the path to the keystore containing the credentials to access a remote key server or the path of a keyfile containing the backup encryption key, and specify the encryption cipher.
Syntax for the BAR_ENCRYPTION configuration parameter
>>-BAR_ENCRYPTION--keystore--=--keystore_name------------------>
'--keyfile---=--keyfile_name--'
>--+--------------------------+--------------------------------->
'-,--cipher--=--+-aes128-+-'
+-aes192-+
'-aes256-'
Field | Value |
---|---|
keystore | The keystore specifies the name of the keystore and stash file names. The
files are created in the ONEDB_HOME/etc directory:
You must manually back up the keystore and password stash files. These files are not backed up when you run a back up with the ON-Bar or ontape utilities. |
keyfile | The keyfile specifies the full path of a text file that contains a backup encryption key of suitable size for the cipher chosen. The key must be encoded in base64 format. |
cipher | Specifies the encryption cipher:
|