Versions Compared

Old Version 23

changes.mady.by.user Nitin Beri

Saved on

compared with

New Version 24

changes.mady.by.user Saurabh Gupta

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

When any Process Flow executes, all temporary files are stored in a repository folder. To prevent it from misuse, you may want to secure the folder. You can secure the repository folder by encrypting data in the folder. 

...

  1. Open Command Prompt.
  2. Go to the directory where JRE is installed (for example, C:/Program Files/Java/jre8/bin).

  3. Run the following Keytool command to create a Keystore.

    For Windows:

    keytool.exe -genseckey -keystore <Keystore_path> -storetype <store_type> -storepass <Keystore_password> -keyalg AES -keysize 256 -alias <alias_name> -keypass <Key_password>

    For Linux:

    keytool -genseckey -keystore <Keystore_path> -storetype <store_type> -storepass <Keystore_password> -keyalg AES -keysize 256 -alias <alias_name> -keypass <Key_password>

    where,
              <Keystore_path> is the location of the Keystore. If the Keystore does not exist, the tool will create a new store. 

              <store_type> is the type of store. Only JCEKS is supported.

              <Keystore_password> is the password related to the Keystore. 

              <alias_name> is the name to be given to the newly created key.

              <Key_password> is the password protecting the use of the key.  

    The Keystore is generated at the specified location.  


  4. Exit from the Command Prompt.

...

However, after you enable the encryption, the data at rest (data stored before you enabled the encryption ) remains in plain text, thus not encryptedplaintext. Therefore, before enabling the encryption it is advisable to run the Encryption utility to encrypt the existing records data present in the repository. If you do not encrypt the existing data, before enabling the encryption, the plaintext repository data in the repository would hamper the running of the process flow. displayed on the GUIs may not be displayed correctly.

If due to some reasons you don not want to encrypt the data at rest before enabling the encryption, then follow the below steps

To encrypt the existing records present in the Process Flow repository (in plaintext):

...

any reason if you have not encrypted the existing data and have executed the transaction with encryption enabled, then in the repository folder the data will be a combination of plaintext and encrypted text. Therefore, you have encrypted plaintext separately, to do this:

  1. Move all the plaintext data in a separate folder. 
  2. Encrypt the folder using the Encryption Utility. 
  3. After the records are encrypted successfully, copy the records data of the encrypted folder in the Process Flow repository.

After you have encrypted the data, enable the Encrypting data at rest feature. When the utility executes, you will have the encrypted data in the repository including the previous one. 

...