Contents x
Storing Encryption Keys
  • 24 Jun 2022
  • 1 Minute to read
  • Print
  • Dark
    Light
Contents
  This documentation version is deprecated, please click here for the latest version.

Storing Encryption Keys

  • Updated on 24 Jun 2022
  • 1 Minute to read
  • Print
  • Dark
    Light
Article summary

Losing encryption key will result in data being unrecoverable
If a pre-existing database during installation contains encrypted data, this data must be opened with the respective key that encrypted it. If lost, the data will need to be recreated. 

Encryption keys encrypt sensitive database information such as connection strings for integrations, passwords, and any custom, encrypted data structures. 

Old encryption keys may be restored to allow new installations access to their respective database's secured data. 

Encryption keys support the following encryption methods: 

Encryption Keys (Keys.dat) are stored alongside the server in the following version-dependent locations. Keys remain outside of the database to isolate the key from its contents. 

  • v8 Keys.dat resides in C:\Program Files\Decisions\FileStorage\Settings.
  • v7 Keys.dat resides in C:\Program Files\Decisions\Decisions Server\Instances\Control.
  • v6 Keys.dat resides in C:\Program Files\Decisions\Decisions Services Manager\Instances\Control.

Multi-Tenant Servers

The multi-tenant Keys cannot be handled by the installer automatically, however; They are backed up automatically and can be found in installerbackup with “Instance Name” and “Date” in the file name.

New Installation

When establishing a new installation, the Encryption Keys window will not display. Instead the Decisions Installer will continue from the E-mail Server screen to the System Requirements window.

Instead, a new key file will be created automatically created. This key is subsequently backed up on uninstallation. 

Update Installation

Update installations apply to an installation that was made via the UPDATE button at the beginning of the installer, or installations made to a previously existing database.

Note that installing additional cluster servers will appear to be an UPDATE and should follow the instructions below.

No Keys Found

When installing, the Encryption Keys screen will prompt that encryption keys could not be found despite the update. 

In this case, it is important to generate a key file in the old version's installer first and then restore it in the new version's installer to access any needed encrypted data in the database upon upgrade.

Existing Keys Found

The installer automatically restores or reuses found encryption keys without any additional required actions. Action would only need to be taken if the key file was incorrect and needed to be replaced.

Uninstallation 

When Decisions is uninstalled, a backup of the installation's key file is placed in the installbackup folder; this is located at C:\Program Files\Decisions\installbackup. When running the installer after an uninstallation has previously occurred, The installer will look in this directory to try to recover key files if there are no existing keys. 

For further information on Installation, visit the Decisions Forum.
Was this article helpful?
What's Next
Decisions
Resources
Organization
Connect