How Do I Regenerate the KEYS.dat on Command? Can I do this Every 2 Years?
Greetings,
I am looking to regenerate keys.dat from Decisions every two years for security reasons. I know that the keys.dat were generated during the installation, but how can we regenerate this every year? Is this even possible? Will the existing encrypted data break? Please help.
Comments
-
Hello there!
What you are asking for is absolutely possible! In Decisions, we call this Key Rotation. In order to perform this, first navigate to the Key Rotation Dashboard under Settings > Administration > Encryption.
1) Select the Start Encryption Key Rotation action on the Key Rotation dashboard.
2) A popup will appear. Confirm that the key will be rotated.
As for your question about what happens to the data, there are a few things to note. Firstly, cached data will not be affected. In addition, data that cannot be updated/decrypted during this process will:
- Become a task assigned to the admin group for review.
-and-
- Become recorded in a encryption_key_change_issue table within the Decisions database with the following columns:
- Source datatype Table
- Source datatype ID
- Field Name
- Data
- Date Time
- Current Key
If you need further information on this process, please refer to our documentation, which can be navigated to via the link below:
https://documentation.decisions.com/docs/encryption-key-rotation?highlight=rotate%20k
We hope this helps!
-Gregory
Howdy, Stranger!
Categories
- 2.1K All Categories
- 17 General
- 154 Installation / Setup
- 988 Flows
- 86 Rules
- 199 Administration
- 203 Portal
- 429 General Q & A
- 596 Forms
- 282 Reports
- 3 Designer Extensions
- 38 Example Flows
- 32 CSS Examples
- 1 Diagram Tile
- 5 Javascript Controls
- 137 Pages
- 1 Process Mining
- New Features
- 147 Datastructures
- 49 Repository
- 165 Integrations
- 25 Multi-Tenant
- 21 SDK
- 39 Modules
- 36 Settings
- 19 Active Directory
- 12 Version 7
- 34 Version 8