Changing the Encryption Key

The portal includes a keys.dat file used for data encryption. This file is not created until an encryption option is selected and thus an encryption key made.

As a precaution, it is recommended to create a copy of this file and store it in a safe location. It is critical for disaster recover to have a backup of this file, otherwise, it is impossible to use encrypted data since the original key is needed. A new keys.dat file cannot decrypt data encrypted by a different keys.dat file.

It is not necessary to update the encryption key every time an upgrade is installed. It is only necessary in a disaster recovery situation.

The keys.dat file is created the first time encryption is used; for example, when a user-generated data type using encryption for a piece of its data is populated. This encryption setting is established by selecting the Encrypt Data checkbox when creating the custom data type:

 

Additional Resources

• Integrating Decisions with External Oracle Database