SharePlex encryption provides the ability to encrypt replicated data across the network. SharePlexuses industry-standard Advanced Encryption Standard (AES) encryption.
The Export process controls whether encryption is performed and the size of the key. It communicates these factors to the Import process.
To configure encryption
On the source system:
On the source and target systems:
On the source system:
Set the Export parameter SP_XPT_ENABLE_AES to 1 on the source system. By default, this parameter is set to 0 (encryption is disabled).
sp_ctrl> set param sp_xpt_enable_aes 1
Restart Export to activate this setting after you finish configuring encryption.
By default the AES key size is 128 bits. To increase the key size to 192 or 256 bits, set the Export parameter SP_XPT_AES_KEY_LENGTH to the desired length on the source system. The parameter takes effect the next time that Export starts.
sp_ctrl> set param sp_xpt_aes_key_length {128 | 192 | 256}
Run the following command in sp_ctrl on the source system:
sp_ctrl> create encryption key
The command returns a randomly generated AES key, for example: E5F5D4CBA329D2C86B5D7ABA096C18600595490129F55A1422AAB0248B28D0E4.
Note: This command only generates the key. You must set the key on all systems. See Set the key on the source and target.
The encryption key must be set on the source system plus all of the target systems.
To set a key
Run the following command in sp_ctrl on the source and target systems.
sp_ctrl> set encryption key key
Component | Description |
---|---|
key |
The encryption key that was generated by the create encryption key command. The key must be set to the entire value that was generated by create encryption key. It must be 64 bytes long. Without further options, the command affects all routes. Example: sp_ctrl> set encryption key E5F5D4CBA329D2C86B5D7ABA096C18600595490129F55A1422AAB0248B28D0E4 |
The following example creates and sets the encryption key.
On the source:
sp_ctrl> create encryption key
On target 1:
sp_ctrl> set encryption key E5F5D4CBA329D2C86B5D7ABA096C18600595490129F55A1422AAB0248B28D0E4
On target 2:
sp_ctrl>set encryption key E5F5D4CBA329D2C86B5D7ABA096C18600595490129F55A1422AAB0248B28D0E4
To view the encryption key
Use the show encryption key command to view the key that is being used by SharePlex.
sp_ctrl> show encryption key
To reset the encryption key
Use the reset encryption key command to remove the encryption key.
sp_ctrl> reset encryption key
© 2021 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy