Deprecated feature

encryptChallengeAnswer utility

The encryptChallengeAnswer utility encrypts plain text data that is stored in the database column USERREG.CHALLENGEANSWER.

The MemberSubSystem/challengeAnswerEncrypted configuration attribute in the instance configuration file must be set to true to encrypt the data.

Note: After you run the utility for the first time, you can use the MigrateEncryptedInfo utility to re-encrypt the data in USERREG.CHALLENGEANSWER.

Before you begin

Set the HostName and HostJDBCPort parameters in the utilities_root/schema/DBTYPE/migration/encryptChallengeAnswerDBUpdate.txt configuration file.

Syntax

Diagram showing the encryptChallengeAnswer utility. Parameters are described in the following list.

Parameter values

database_type
Is your database type (db2 for DB2 databases, or oracle for Oracle databases).
instance_name
Is a mandatory parameter for the name of the instance, which to update.
num_of_threads
The number of threads that are created to re-encrypt the data. It is recommended that this number matches the number of processors on the server that is running the utility.
commit_count
The number of records that are processed before the transaction is committed. Set the commit_count to the maximum number of transactions that your database transaction log allows. A suggested value for this parameter is 5000.

If the merchant keys are not retrieved from the Key Locator Framework, the following list shows the accepted parameters:

current_merchant_key
Is a mandatory parameter for the current merchant key.

If the merchant keys are retrieved from the Key Locator Framework, the accepted parameters are:

-k keys_config_file_location
Specify both the current key and the new key. The new key will be used to encrypt the challengeAnswer.

Example 1

Runtime environment

The current merchant key, 1234567890abcdef1234567890abcdef, is stored in encrypted format in the instance.xml file, and you want to encrypt the existing plain text challenge answer values in the database using this merchant key. In the example, the data is stored in a DB2 database and "demo" is the instance name:

encryptChallengeAnswer db2 demo 4 5000 1234567890abcdef1234567890abcdef
Note: This example is setting the num_of_threads value to 4 (for a four-processor server) and the commit_count to 5000.