Update encrypted data using MigrateEncryptedInfo (server offline)
You can change the merchant key and update the encrypted data using the command line tool, MigrateEncryptedInfo. This utility supports two ways of specifying the values of the merchant keys. One is to provide the actual values of the old and new merchant keys as command line arguments. The other is to retrieve the values through the Key Locator Framework.Note:
- If we want to consider an option with a minimal downtime, see Updating encrypted data using MigrateEncryptedInfo (server online).
You can now run the
MigrateEncryptedInfo utility in a development
environment as long as the server is offline.
Procedure
- Back up your database, following the instructions in your database engine documentation.
- Stop the Transaction server Docker container.
- Run the MigrateEncryptedInfo utility Ensure that you are aware of the following considerations when running the utility:
- If your merchant key is stored in the instance_name.xml file and we want to change the value in that file, complete the steps in Example 1.
- If your merchant key is stored in the instance_name.xml file
and we want to change the value and store the value in an external file, complete the steps in
Example 2. - If your merchant key is stored in an external file and we want to change the value, complete the steps inExample 3.
- If your merchant key is stored in an external file and we want to change the value by
-interactive parameter and store it to a different file, complete the steps in
Example 4.
The MigrateEncryptedInfo tool generates the following log files:
- CCInfoMigration.log
- migrateFailedRecords_TABLENAME.log
- MKChangeUserAndCCInfoMigration.log
- MigrateEncryptedInfoError.log
in the following directory:
- (In the Utility server Docker container) /opt/WebSphere/CommerceServer90/logs
- WCDE_installdir/logs
Review the information in these log files and ensure they do not contain any error messages. To re-encrypt multiple records in parallel, use more than one thread.