Migrate to Data Key Utility

New page added.

This utility retires the current encryption keys and uses the new data encryption keys which have been generated during the installation process. The fields that are currently kept encrypted with the HSM encryption keys will be decrypted by the current HSM keys, and re-encrypted using the new data encryption keys.

Uploading the Utility¶

A System Administrator will be responsible for uploading the utility through MIA (Utilities > Upload Utility).

To upload the utility:

• Do not select an Issuer or Group to upload this utility.

• Browse to locate and select the File name (MigrateToDataKeyUtility.war).

• Click the Apply button to upload the utility.

  The utility will be listed in the MIA utilities section (Utilities > Utilities): Encryption Key Migration Utility.

Running the Utility¶

To run the utility:

• Go to the MIA utilities section (Utilities > Utilities)

• Click the Run link adjacent to the Encryption Key Migration Utility's Creation Time.

  The Encryption Key Migration Utility screen is displayed prompting users to run the key retiring process on the main database.

Results¶

When the process is complete, the results will be available for immediate display. For further details about the utility run process, please refer to AA_HOME/mia_log.log.

If the process failed, please check AA_HOME/logs/mia_log.log regarding the cause of failure. The process can be resumed once the issue is resolved by clicking Resume button.

The utility will automatically retire the old encryption keys and activate the new data keys.