Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Corrected links that should have been relative instead of absolute.

When any Template executes, all temporary files are stored in a repository folder. To prevent it from misuse, you may want to secure the folder. You can secure the repository folder by encrypting data in the folder. 

To encrypt the data, you need to create and configure a Keystore.

Table of Contents
maxLevel2

Creating a Keystore using Keytool

  1. Open Command Prompt.
  2. Go to the directory where JRE is installed.
  3. Run the following Keytool command to create a Keystore.

    For Windows:

    keytool.exe -genseckey -keystore <Keystore_path> -storetype <store_type> -storepass <Keystore_password> -keyalg AES -keysize 256 -alias <alias_name> -keypass <Key_password>

    For example:

    keytool.exe -genseckey -keystore <> -storetype JCEKS -storepass changeit -keyalg AES -keysize 256 -alias <> -keypass changeit

    For Linux:

    keytool -genseckey -keystore <Keystore_path> -storetype <store_type> -storepass <Keystore_password> -keyalg AES -keysize 256 -alias <alias_name> -keypass <Key_password>

    For example:

    keytool -genseckey -keystore <> -storetype JCEKS -storepass changeit -keyalg AES -keysize 256 -alias <> -keypass changeit

where,

         <Keystore_path> is the location of the Keystore. If the Keystore does not exist, the tool will create a new store. 

          <store_type> is the type of store. Only JCEKS is supported.

          <Keystore_password> is the password related to the Keystore. 

          <alias_name> is the name to be given to the newly created key.

          <Key_password> is the password protecting the use of the key.  

The Keystore is generated at the specified location and exit from the Command Prompt.

Configuring Keystore in Adeptia Connect

  1. Click Accounts > Settings.
  2. Expand Application Settings, and then select Common in the left panel.
  3. Expand the property category, Data Encryption at rest.
  4. Double-click the corresponding value fields for the properties mentioned in the table below to change their values.

    Property Name
    Description
    abpm.security.data.encryption.rest.enableTo enable or disable data encryption at rest. The possible value can be either Yes or No.
    abpm.security.data.encryption.rest.keystoreLocationLocation of the Keystore that will be used for data encryption.
    abpm.security.data.encryption.rest.aliasAlias name for the key.
    abpm.security.data.encryption.rest.keystorePasswordPassword of the Keystore.
    abpm.security.data.encryption.rest.keyPasswordPassword of the Key.
  5. Click Update.
    You'll see a message saying 'Properties saved successfully'. 

  6. Click Save.

After you enable encryption, the data stored before you enabled the encryption remains in plaintext. Therefore, before enabling the encryption it is advisable to run the encryption utility to encrypt the existing data present in the repository. If you do not encrypt the existing data, before enabling the encryption, repository data displayed on the GUIs may not be displayed correctly.

If due to any reason if you have not encrypted the existing data and have executed the transaction with encryption enabled, then in the repository folder the data will be a combination of plaintext and encrypted text. Therefore, you must encrypt plaintext separately. To do this:

  1. Move all the plaintext data in a separate folder. 
  2. Encrypt the folder using the Encryption utility. 
  3. After the records are encrypted successfully, copy the data of the encrypted folder in the repository.

After you have encrypted the data, enable the Encrypting data at rest feature. When the utility executes, you will have the encrypted data in the repository including the previous one. 


Panel
borderStylesolid
titleYou may be interested in...
What is new
Application architecture
Key terms
InstallDeploy
Usage scenarios