To change the Secure Agent data encryption key, use the consoleAgentManager rotateDeviceKey command.
Back up the Secure Agent installation directory before you change the data encryption key.
During upgrade, there can be two versions of the Data Integration Server running within the maintenance window. Do not change the encryption key until the upgrade has completed and the newer version of the Data Integration Server is the only version that is running.
Additional properties can be any key=value pair. For example,
instanceId=<AWS instance ID>,amiId=<AWS AMI ID>
. Separate multiple properties with a comma.
For example, to exclude the Secure Agent machine hostname and hardware MAC address from the encryption key and include the AWS instance ID, run the following command:
When the command completes successfully, if you excluded security properties, create the environment variable INFA_AGENT_EXCLUDE_SEC_PROPS in the source bash profile, and set the value to the same values that you set in the rotateDeviceKey command.
If you added security properties, create the environment variable INFA_AGENT_ADDITIONAL_SEC_PROPS in the soource bash profile, and set the value to the same values that you set in the rotateDeviceKey command.