Once you have enabled encryption on your database, every time the database is opened the keystore must be authenticated.

If you enable autostart, the authentication is done automatically. If autostart is not enabled, you must manually authenticate. To manually authenticate the keystore, every utility, server, or client that opens the database must supply a passphrase. Manual start is best very secure installations where very few users need to open the database.

ABL clients specify a passphrase for keystore authentication by adding the -KeyStorePassPhrase argument, followed by the passphrase to the CONNECT statement, as shown:

-KeyStorePassPhrase passphrase

It is the responsibility of the ABL application to handle prompting for the passphrase before executing the CONNECT statement.

Database utilities, servers, and single-user or shared memory clients indicate that they require a prompt for keystore authentication by adding the following parameter to the command line:

-Passphrase
Note: If you have specified the keystore user account for autostart, you can override your autostart authentication by adding -Passphrase or -KeystorePassPhrase, as appropriate for the command.

If access to the keystore cannot be successfully authenticated, the database cannot be opened.