PROUTIL EPOLICY MANAGE creates encryption policies for Type I areas and for objects in Type II areas. The basic syntax for creating an encryption policy is:

proutil db-name -C epolicy manage object-type encrypt object-name

OpenEdge supports the object ciphers described in the following table:

Table 1. Object ciphers
ID Cipher Mode Size Key type
0 NULL NULL
1 AES CBC 128 binary
2 AES CBC 192 binary
3 AES CBC 256 binary
4 DES CBC 56 binary
5 DES3 CBC 168 binary

The object-type is one of the following: area, index, lob, or table, and the object-name is the name of the object, in quotes if necessary.

For example, the following command creates an encryption policy with the default cipher on a Type I area named DataArea100 in a database named t1demo:

proenv>proutil t1demo -C epolicy manage area encrypt "DataArea100"
OpenEdge Release 12
Encryption policy setting for Area DataArea100 in Area 100
Cipher specification setting to AES_CBC_128 completed.

Note that EPOLICY MANAGE operations on areas must be performed while the database is offline. See the PROUTIL EPOLICY MANAGE qualifier on page 1216 for the complete syntax of EPOLICY MANAGE.