Enable transparent data encryption for an OpenEdge Replication-enabled source database

You can enable encryption for an OpenEdge Replication source database that is already configured and running in a replicated environment with at least one target database. The following procedures provide the steps you follow, first for an offline database and then for an online database.

For additional details about the Encryption Policy Area, the encryption command and passphrases, and encryption policies in general, see Manage the OpenEdge Database.

To enable encryption for a Replication-enabled source database that is offline:

  1. Add the Encryption Policy Area to both the source and target databases.
  2. Enable encryption on the source database.
    Use the following command: 
    proutil source-db-name -C enableEncryption 
   [-Cipher cipher-number][-Autostart admin | user]
  3. Update the Encryption Policy on the source database as required.

    Use the following command:

    proutil source-db-name -C epolicy manage . . .

    Note that entering the command as shown above, without supplying any arguments, generates an error.) to the target machine and place it into the target database directory. (The source database key store was created when you enabled the source database for transparent data encryption.) The keystore must have the same name as the target database; if it does not, rename it once it is on the machine where the target resides.

  4. Copy the source database key store (source-db-name.ks
Encryption is now enabled for the source database and will be enabled on the target database once both databases are started and replication activity resumes.