Enable EAE

How to enable Enhanced Account Encryption.

  • Prepare the Groundplex nodes first. Requirements include:
    • The environment can't have a mix of Cloudplexes and Groundplexes.
    • Every Groundplex in the environment must be configured to use EAE with the same data key.
  • To use EAE and AutoSync in the same environment, understand the dependencies.
  1. Log into your environment and navigate to Admin Manager.
  2. From the navigation pane under Security select Account encryption.
  3. In the Encryption settings, tab select the Enhanced encryption option.
  4. Select the level of sensitivity:
    • High - Encrypts passwords and secret keys.
    • Medium and High - Encrypts usernames, passwords, and secret keys.
    • Low, Medium, and High - Encrypts host name, database names, database URL properties, usernames, passwords, and secret keys.
  5. To set a key for the entire environment (Org), select the target public key. Only keys that are available on all nodes are displayed.
  6. Confirm the new key. This configuration causes all accounts to be decrypted using the existing keys and then re-encrypted with the newly selected Org-level key.
  7. Click Save to apply Enhanced encryption.
It's good practice to rotate the keys periodically.