Table of Contents

Search

  1. Preface
  2. Runtime environments
  3. Hosted Agent
  4. Secure Agent groups
  5. Secure Agents
  6. Secure Agent installation in a cloud environment
  7. Secure Agent installation in a local environment
  8. Serverless runtime environment setup in AWS
  9. Serverless runtime environments

Runtime Environments

Runtime Environments

Changing the data encryption key on Linux

Changing the data encryption key on Linux

To change the Secure Agent data encryption key, use the consoleAgentManager rotateDeviceKey command.
Back up the Secure Agent installation directory before you change the data encryption key.
During upgrade, there can be two versions of the Data Integration Server running within the maintenance window. Do not change the encryption key until the upgrade has completed and the newer version of the Data Integration Server is the only version that is running.
  1. Stop the Secure Agent.
  2. Navigate to the following directory:
    <Secure Agent installation directory>/apps/agentcore
  3. Run the following command:
    ./consoleAgentManager.sh rotateDeviceKey INFA_AGENT_EXCLUDE_SEC_PROPS=<excluded security properties> INFA_AGENT_ADDITIONAL_SEC_PROPS=<additional security properties>
    You can exclude the following properties:
    OS_TYPE
    ,
    OS_ARCH
    ,
    HOSTNAME
    , and
    HWD_MAC_ADDR
    . Separate multiple properties with a comma.
    Additional properties can be any key=value pair. For example,
    instanceId=<AWS instance ID>,amiId=<AWS AMI ID>
    . Separate multiple properties with a comma.
    For example, to exclude the Secure Agent machine hostname and hardware MAC address from the encryption key and include the AWS instance ID, run the following command:
    ./consoleAgentManager.sh rotateDeviceKey INFA_AGENT_EXCLUDE_SEC_PROPS=HOSTNAME,HWD_MAC_ADDR INFA_AGENT_ADDITIONAL_SEC_PROPS=instanceId=<AWS instance ID>
  4. When the command completes successfully, if you excluded security properties, create the environment variable INFA_AGENT_EXCLUDE_SEC_PROPS in the source bash profile, and set the value to the same values that you set in the rotateDeviceKey command.
  5. If you added security properties, create the environment variable INFA_AGENT_ADDITIONAL_SEC_PROPS in the soource bash profile, and set the value to the same values that you set in the rotateDeviceKey command.
  6. Restart the Secure Agent.

0 COMMENTS

We’d like to hear from you!