Table of Contents

Search

  1. Preface
  2. Runtime environments
  3. Hosted Agent
  4. Secure Agent groups
  5. Secure Agents
  6. Secure Agent installation in a cloud environment
  7. Secure Agent installation in a local environment
  8. Serverless runtime environment setup
  9. Serverless runtime environments

Runtime Environments

Runtime Environments

Changing the data encryption key on Windows

Changing the data encryption key on Windows

To change the Secure Agent data encryption key, use the consoleAgentManager rotateDeviceKey command.
Back up the Secure Agent installation directory before you change the data encryption key.
The user account you use to change the encryption key must have privileges to delete files in the Secure Agent installation directory and its subdirectories.
During upgrade, there can be two versions of the Data Integration Server running within the maintenance window. Do not change the encryption key until the upgrade has completed and the newer version of the Data Integration Server is the only version that is running.
  1. Stop the Secure Agent.
  2. Open a command prompt as an administrator, and navigate to the following directory:
    <Secure Agent installation directory>/apps/agentcore
  3. Run the following command:
    consoleAgentManager rotateDeviceKey INFA_AGENT_EXCLUDE_SEC_PROPS=<excluded security properties> INFA_AGENT_ADDITIONAL_SEC_PROPS=<additional security properties>
    You can exclude the following properties:
    OS_TYPE
    ,
    OS_ARCH
    ,
    HOSTNAME
    , and
    HWD_MAC_ADDR
    . Separate multiple properties with a comma.
    Additional properties can be any key=value pair. For example,
    instanceId=<AWS instance ID>,amiId=<AWS AMI ID>
    . Separate multiple properties with a comma.
    For example, to exclude the Secure Agent machine hostname and hardware MAC address from the encryption key and include the AWS instance ID, run the following command:
    consoleAgentManager rotateDeviceKey INFA_AGENT_EXCLUDE_SEC_PROPS=HOSTNAME,HWD_MAC_ADDR INFA_AGENT_ADDITIONAL_SEC_PROPS=instanceId=<AWS instance ID>
  4. When the command completes successfully, if you excluded security properties, create the system environment variable INFA_AGENT_EXCLUDE_SEC_PROPS, and set the value to the same values that you set in the rotateDeviceKey command.
  5. If you added security properties, create the system environment variable INFA_AGENT_ADDITIONAL_SEC_PROPS, and set the value to the same values that you set in the rotateDeviceKey command.
  6. Restart the machine.
  7. If the Secure Agent doesn't start automatically, restart the Secure Agent.

0 COMMENTS

We’d like to hear from you!