Disables transparent data encryption on your database.

Syntax

proutil db-name -C disableencryption 
       [-Passphrase][[-userid userid][-password password]]

Parameters

db-name
Name of the database where you are disabling encryption.
-Passphrase
Specifies that the user must be prompted for a passphrase to authenticate the key store, before running this command.
-userid userid -password password
Specifies the userid and password of an authenticated database administrator.

Successful execution of DISABLEENCRYPTION has the following impact on your database:

  • BI encryption is disabled
  • AI encryption is disabled
  • All data is decrypted
  • All encryption policies are removed
  • The key store is archived (renamed dbname.ks.bk)

Notes

  • You cannot disable BI encryption while your database is online. You can run DISABLEENCRYPTION for an online database, but BI encryption will not be disabled until the BI is truncated and the database is restarted. DISABLEENCRYPTION issues a warning.
  • DISABLEENCRYPTION is interruptible, but will not restore the database to the state it was in prior to starting the disabling processing. If you interrupt the DISABLEENCRYPTION command, your database might be at one of the following points:
    • BI encryption is disabled (if run offline)
    • AI encryption is disabled
    • All ciphers of current policies are set to NULL
    • Add encrypted data are decrypted
    • All encryption policies are removed
    • Encryption is fully disabled
  • Because processing DISABLEENCRYPTION can take a long time, you may want to decrypt your data before issuing this command. Decrypt your data by setting your encryption policies to the NULL cipher and updating your data with PROUTIL EPOLICY.