Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 21 Next »

When the Process Flow executes, all the temporary files are stored in the repository folder. For security reasons, you may want to secure your repository folder from an unauthorized access. Adeptia facilitates you to secure your repository by encrypting the data at rest. With this feature, your repository gets stored in an encrypted form.

To encrypt the data, you need to configure the following:

  • Create Keystore using Keytool
  • Configure Keystore in Adeptia Suite

Creating Keystore using Keytool

  1. Open Command Prompt.
  2. Go to the directory where JRE is installed (for example, C:/Program Files/Java/jre8/bin).

  3. Run the following Keytool command to create a Keystore.

    For Windows:

    keytool.exe -genseckey -keystore <Keystore_path> -storetype <store_type> -storepass <Keystore_password> -keyalg AES -keysize 256 -alias <alias_name> -keypass <Key_password>

    For Linux:

    keytool -genseckey -keystore <Keystore_path> -storetype <store_type> -storepass <Keystore_password> -keyalg AES -keysize 256 -alias <alias_name> -keypass <Key_password>

    where,
              <Keystore_path> is the location of the Keystore. If the Keystore does not exist, the tool will create a new store. 

              <store_type> is the type of store. Only JCEKS is supported.

              <Keystore_password> is the password related to the Keystore. 

              <alias_name> is the name to be given to the newly created key.

              <Key_password> is the password protecting the use of the key.  

    The Keystore is generated at the specified location.  

  4. Exit from the Command Prompt.

Configuring Keystore in Adeptia Suite

  1. Login to Adeptia Suite as an administrator.
  2. Go to Administer > Setup > Application Settings > Update System Properties.
  3. Expand Systems > Data Encryption at rest.

  4. Set the value in the below parameters:

    Property NameDescription
    abpm.security.data.encryption.rest.enableTo enable or disable data encryption at rest. The possible value can be Yes or No.
    abpm.security.data.encryption.rest.keystoreLocationLocation of the Keystore that will be used for data encryption.
    abpm.security.data.encryption.rest.aliasAlias name for the key.
    abpm.security.data.encryption.rest.keystorePaswordPassword of the Keystore.
    abpm.security.data.encryption.rest.keyPasswordPassword of the Key.
  5. Click Save to save the changes.
  6. Click Reload Configuration to reflect the changes.
  7. Restart Kernel and WebRunner.

Before enabling Encrypting data at rest feature, it is advisable to run the Encryption utility to encrypt the existing records present in the repository. If you do not encrypt the data then you will find the data in the repository in the plain text creating hindrance in the encrypted data and plain text. If you want to encrypt the existing records present in the Process Flow repository (in plain text) then do the following:

  1. Copy all the records in a separate folder. 
  2. Encrypt the folder using the Encryption Utility. 
  3. After the records are encrypted successfully, copy the records of the encrypted folder in the Process Flow repository folder.

Using Encryption Utility

You can encrypt or decrypt the repository using Encryption Utility. To encrypt or decrypt, you need to configure the encryption properties in the encryption-info.properties file.

To encrypt or decrypt a folder:

  1. Extract the Encryption_Utility.zip file in the bin folder where Adeptia Suite is installed, for example, C:/Program Files/Adeptia Suite/AdeptiaSuite-x.x/bin/Encryption_utility.
  2. Open the extracted folder.
  3. Open encryption-info.properties file in any Text Editor.

  4. Provide the values for the following properties.

    Property Name
    Description
    encryption.repository.pathPath of the folder to encrypt or decrypt. If you are using the utility in the Windows environment, separate the path by either using a backward slash "\\" (D:\\Smith\\encrypt) or forward slash "/" (D:/Smith/encrypt).
    encryption.keystore.locationKeystore location. If you are using the utility in the Windows environment, separate the path by either using a backward slash "\\" (D:\\Smith\\encrypt) or forward slash "/" (D:/Smith/encrypt).
    encryption.keystore.aliasAlias name for the Keystore.
    encryption.key.passwordPassword of the key.
    encryption.keystore.passwordPassword of the Keystore.

     

  5. Save the file.
  6. Go to the extracted folder. 
  7. For Windows, double-click encrypt.bat.
    For Linux, execute encrypt.sh on the Terminal.
    The utility starts running.
  8. To encrypt the folder, press 1.
    To decrypt the folder, press 2.



  9. The utility starts encrypting or decrypting the folder. A message "Encryption or Decryption has successfully completed" indicates successful encryption or decryption.

    You can view the details of the execution from the encryptionUtils.log file available at C:/Program Files/Adeptia Suite/AdeptiaSuite-x.x/bin/Encryption_utility. You can also find the reason for the failure of the execution from this file.
  • No labels