encryptChallengeAnswer utility

The encryptChallengeAnswer utility encrypts plain text data stored in the database column USERREG.CHALLENGEANSWER.

The MemberSubSystem/challengeAnswerEncrypted configuration attribute in the instance configuration file must be set to true to encrypt the data.

Note: After running the utility for the first time, we can use the MigrateEncryptedInfo utility to re-encrypt the data in USERREG.CHALLENGEANSWER.

Before beginning

Set the HostName and HostJDBCPort parameters in the utilities_root/schema/DBTYPE/migration/encryptChallengeAnswerDBUpdate.txt configuration file.

Syntax

Parameter values

database_type

Is the database type (db2 for DB2 databases, or oracle for Oracle databases).

instance_name

Is a mandatory parameter for the name of the instance, which to update.

num_of_threads

The number of threads that are created to re-encrypt the data. IBM recommends that this number matches the number of processors on the server that is running the utility.

commit_count

The number of records that are processed before the transaction is committed. Set the commit_count to the maximum number of transactions that the database transaction log allows. A suggested value for this parameter is 5000.

If the merchant keys are not retrieved from the Key Locator Framework, the following list shows the accepted parameters:

current_merchant_key

Is a mandatory parameter for the current merchant key.

If the merchant keys are retrieved from the Key Locator Framework, the accepted parameters are:

-k keys_config_file_location

The current and new merchant keys are to be retrieved from the Key Locator Framework using the specified key configuration file. The absolute path of the file must be specified.

Example 1

Runtime environment

The current merchant key, 1234567890abcdef1234567890abcdef, is stored in encrypted format in the instance.xml file, and we want to encrypt the existing plain text challenge answer values in the database using this merchant key. In the example, the data is stored in a DB2 database and "demo" is the instance name:

encryptChallengeAnswer db2 demo 4 5000 1234567890abcdef1234567890abcdef

Note: This example is setting the num_of_threads value to 4 (for a four-processor server) and the commit_count to 5000.

Related tasks
Running utilities from the Utility server Docker container

Related reference
Utilities