on 2018 May 02 12:42 PM
We have a replicated database configuration. We need to encrypt it. I understand I have to run dbunload -ar with -ea , -ek.
I will have to do this for each DB at each site - will I have to do this all at the same time or can I do a phased approach ?
Do the algorithm and key need to be the same on all the remote DB's and the consolidated DB ?
If I do just a few remote sites first will dbremote still function okay ?
Of course I will be testing all this on a dev platform first but thought I'd ask before I get oo far.
Request clarification before answering.
I will have to do this for each DB at each site - will I have to do this all at the same time or can I do a phased approach ?
You can do a phased approach.
Do the algorithm and key need to be the same on all the remote DB's and the consolidated DB ?
No. Remember that when you start the database engine with a strongly encrypted database and/or connect to a strongly encrypted database, you will need to specify the encryption key. Your connection strings at each site will be different if you use a different key at each location.
If I do just a few remote sites first will dbremote still function okay ?
Yes. dbremote is unaffected by the change to a strongly encrypted database other than the fact that the connection string used to connect dbremote to the database is different.
Reg
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Note that in case you change the DBKEY lateron, you might need to supply the previous key for older logs in case they need to be read (say, because older transactions have to be re-sent).
User | Count |
---|---|
52 | |
8 | |
5 | |
5 | |
5 | |
5 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.