Learn about Security and Auditing

Autostart

Save PDF

Autostart

Save PDF

Last Updated: March 30, 2020
1 minute read

OpenEdge
Version 12.2
Documentation

Autostart delivers a passphrase you configure to open the keystore automatically, so there is no prompting for a keystore passphrase. Autostart mode does not impact scripts, but gives unfettered access to encrypted data.

Autostart can be configured when you enable your database for encryption by adding -Autostart { user | admin } to the PROUTIL ENABLEENCRYPTION command. If you do not specify -Autostart, manual start is configured. Specifying -Autostart admin is recommended only in a development environment. You can change the autostart configuration to use a different keystore account with the PROUTIL EPOLICY MANAGE command at a later point in time.

To change your autostart configuration to the keystore user account:

If you did not supply a keystore user account passphrase when you enabled your database for encryption, create one now using PROUTIL EPOLICY MANAGE. You must specify the keystore admin passphrase with -Passphrase if the database is not enabled for autostart with the admin account, as shown:

`proenv>proutil t1demo -C epolicy manage keystore userphrase -Passphrase OpenEdge Release 10.2B1P as of Fri Nov 20 19:01:52 EST 2009 Enter the keystore passphrase for database t1demo: This command modifies encryption access control in the Keystore file. After successful completion of the command, the Keystore file must be backed-up. (15518) Enter new passphrase [required] : Please Retype your Passphrase for Verification Enter new passphrase [required] : proenv>`

proenv>proutil t1demo -C epolicy manage keystore userphrase -Passphrase
OpenEdge Release 10.2B1P as of Fri Nov 20 19:01:52 EST 2009
Enter the keystore passphrase for database t1demo:

This command modifies encryption access control in the Keystore file. 
After successful completion of the command, the Keystore file must be 
backed-up. (15518)
Enter new passphrase [required] :

Please Retype your Passphrase for Verification
Enter new passphrase [required] :

proenv>

Change your autostart configuration by entering the keystore user account passphrase when prompted:

`proenv>proutil t1demo -C epolicy manage autostart user -Passphrase OpenEdge Release 10.2B1P as of Fri Nov 20 19:01:52 EST 2009 Enter the keystore passphrase for database t1demo: Manage autostart enable has been selected. (15523) This command modifies encryption access control in the Keystore file. After successful completion of the command, the Keystore file must be backed-up. (15518) proenv>`

proenv>proutil t1demo -C epolicy manage autostart user -Passphrase
OpenEdge Release 10.2B1P as of Fri Nov 20 19:01:52 EST 2009
Enter the keystore passphrase for database t1demo:

Manage autostart enable has been selected. (15523)
This command modifies encryption access control in the Keystore file. After 
successful completion of the command, the Keystore file must be backed-up. 
(15518)

proenv>

You can disable autostart at any time using PROUTIL EPOLICY MANAGE, as shown:

`proenv>proutil t1demo -C epolicy manage autostart disable -Passphrase OpenEdge Release 10.2B1P as of Fri Nov 20 19:01:52 EST 2009 Enter the keystore passphrase for database t1demo: Manage autostart disable has been selected. (15523) This command modifies encryption access control in the Keystore file. After successful completion of the command, the Keystore file must be backed-up. (15518) proenv>`

proenv>proutil t1demo -C epolicy manage autostart disable -Passphrase
OpenEdge Release 10.2B1P as of Fri Nov 20 19:01:52 EST 2009
Enter the keystore passphrase for database t1demo:

Manage autostart disable has been selected. (15523)
This command modifies encryption access control in the Keystore file. After
successful completion of the command, the Keystore file must be backed-up. 
(15518)
proenv>

Observe that -Passphrase is added to the command line to override the autostart user account configuration and use the admin account.