cancel
Showing results for 
Search instead for 
Did you mean: 

Encryption of replicating database

thelmacottage
Participant
1,578

We have a replicated database configuration. We need to encrypt it. I understand I have to run dbunload -ar with -ea , -ek.

I will have to do this for each DB at each site - will I have to do this all at the same time or can I do a phased approach ?

Do the algorithm and key need to be the same on all the remote DB's and the consolidated DB ?

If I do just a few remote sites first will dbremote still function okay ?

Of course I will be testing all this on a dev platform first but thought I'd ask before I get oo far.

Accepted Solutions (1)

Accepted Solutions (1)

regdomaratzki
Product and Topic Expert
Product and Topic Expert

I will have to do this for each DB at each site - will I have to do this all at the same time or can I do a phased approach ?

You can do a phased approach.

Do the algorithm and key need to be the same on all the remote DB's and the consolidated DB ?

No. Remember that when you start the database engine with a strongly encrypted database and/or connect to a strongly encrypted database, you will need to specify the encryption key. Your connection strings at each site will be different if you use a different key at each location.

If I do just a few remote sites first will dbremote still function okay ?

Yes. dbremote is unaffected by the change to a strongly encrypted database other than the fact that the connection string used to connect dbremote to the database is different.

Reg

VolkerBarth
Contributor

Note that in case you change the DBKEY lateron, you might need to supply the previous key for older logs in case they need to be read (say, because older transactions have to be re-sent).

Answers (0)