- The environment must have an Enhanced Encryption subscription and be configured to use it.
- A Linux Groundplex node with the latest Snaplex RPM/DEB installation package.
As root user on the Groundplex node's host, run the following command:
/opt/snaplogic/bin/jcc.sh addDataKey key_aliasThis command generates a new key pair and appends it to the keystore in the /etc/snaplogic folder with the specified alias.
Copy /etc/snaplogic/jcc-datakeys.jks and /etc/snaplogic/jcc-datakeys.pass to:
- On Linux machines: The /etc/snaplogic folder on all Snaplex node hosts.
- On Windows machines: The folder defined by the jcc.jvm_options global property
SL_KEY_DIRvalue in the Snaplex settings. The instructions to prepare Windows nodes describe how to find this property.
- Restart the nodes from the command line or from the IIP Dashboard.
- In the Classic Manager, From the navigation pane, select Settings.
- Scroll to Account Data Encryption and click Configure Encryption.
- Select the public key with the alias you provided on the command line in Step 2.
- Confirm the new key. This configuration causes all accounts to be decrypted using the existing keys and then re-encrypted with the newly selected Org-level key.
Click Update to apply Enhanced Encryption.
The new status displays if you click Enhanced Encryption.