Changing the Encryption Key

The portal includes a keys.dat file used for data encryption. In new versions of Decisions Keys.dat is stored in c:\Program Files\Decisions\Decisions Services Manager\Instances\Control within the specific instance in question. The keys.dat file is created the first time encryption is used; for example, when a user-generated data type using encryption for a piece of its data is populated. This encryption setting is established by selecting the Encrypt Data checkbox when creating the custom data type.
As a precaution, it is recommended to create a copy of this file and store it in a safe location. It is critical for disaster recovery to have a backup of this file, otherwise, it is impossible to use encrypted data since the original key is needed. A new keys.dat file cannot decrypt data encrypted by a different keys.dat file.
It is not necessary to update the encryption key every time an upgrade is installed. It is only necessary for a disaster recovery situation.