MAC key files

The MAC key files contain encryption keys that are used to encrypt messages.

The database servers and client computers that participate in encryption normally require the same MAC key file. For information about how to switch between MAC keys, see Switch frequency.

The default MAC key file is the built-in file provided by Informix®. This file provides limited message verification (some validation of the received message and determination that it has come from the Informix client or server). A site-generated MAC key file performs the strongest verification. You can generate key files with the GenMacKey utility.

Each of the MAC key files is prioritized and negotiated at connect time. The prioritization for the MAC key files is based on their creation time by the GenMacKey utility. The built-in key file has the lowest priority.

Tip: If there are no MAC key files present, the built-in MAC key is used by default. However, by using a MAC key file, the default built-in MAC key is disabled.