In this article
...
Note | ||
---|---|---|
| ||
|
...
Note | ||
---|---|---|
| ||
Data keys are the same across JCC nodes; however, the server keys are unique for each JCC node. We recommend that you generate the data keys on a Linux machine and copy them into the SL_KEY_DIR folder on the Windows machine. The files have to be copied with the name as generated on the Linux machine: |
- On Windows-based Groundplex instances, copy the keys to a secure folder. Only the security administrators and users that run the Groundplex service must have access to the directory.
- Add the location of the directories as an environmental variable or Java property in Windows key directory as a Java property in the Snaplex configuration with the name SL_KEY_DIR.To add a Java property, add .
- Navigate to the target Snaplex in Manager, and then click to open it.
Click the Node Properties tab, and under Global Properties, click to enter the key-value pair:
Add the following in the Snaplex
property:
Paste code macro theme Agate jcc.jvm_options = -DSL_KEY_DIR=c:\\snaplogic_keys
- In the Create Snaplex dialog window, click Create. If you are updating an existing Snaplex, click Update.
- Restart the Windows service on all of the Groundplex nodes with the updated slpropz configuration.
...
- Log in as an Org admin and navigate to Manager > Settings, then click Configure Encryption.
On the Encryption Settings dialog, click the Groundplex tab (default), then select Enhanced encryption.
Verify that the same key is used on all nodes of the Groundplex; otherwise, you cannot configure the Org with Enhanced Encryption because all keys used across an Org must be consistent
Select the level of sensitivity based on the following:
- High. Encrypts passwords and secret keys
- Medium and High. Encrypts usernames, passwords, and secret keys
Low, Medium, and High. Encrypts host name, database names, database URL properties, usernames, passwords, and secret keys.
Info title Accounts for Snap Packs To learn about which fields are encrypted for an Account, see the sensitivity level definition in the Account’s documentation for that Snap Pack.
- High. Encrypts passwords and secret keys
To set a key for the entire Org, select the target key. Only those keys that are available on all nodes are displayed.
- Confirm the new key. This configuration causes all accounts to be decrypted using the existing keys and then re-encrypted with the newly selected Org-level key.
- Click Update to apply enhanced encryption.
...