In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-02-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >
Share
Shulou(Shulou.com)06/01 Report--
Local database encryption (i.e. Db2 native database encryption) is supported, but the current documentation is not perfect enough to provide specific commands and reference configurations to facilitate users to get started quickly.
As the Db2 Information Center says, there are two essential steps in creating a local encryption library:
Create a keystore file
Create a database using the 'ENCRYPT' option
Here are the specific steps and commands:
1. Create a keystore file
1.1 use stash files to create keystore files
$/ home2/db2ins35/sqllib/gskit/bin/gsk8capicmd_64-keydb-create-db ccardskeystore.p12-pw Str0ngPassw0rd-strong-type pkcs12-stash
1.2 here are the stash files and keystore files created
/ home2/db2ins35/tst_encrypt > ls-al
Total 16
Drwxr-xr-x 2 db2ins35 db2iadm 256 Nov 16 09:45.
Drwxr-xr-x 12 db2ins35 db2iadm 4096 Nov 16 09:45..
-rw- 1 db2ins35 db2iadm 0 Nov 16 09:37 ccardskeystore.p12
-rw- 1 db2ins35 db2iadm 129 Nov 16 09:37 ccardskeystore.sth
1.3.UPDAT dbm cfg using the keystore file created above:
/ home2/db2ins35/tst_encrypt > db2 "update dbm cfg using keystore_type pkcs12 keystore_location / home2/db2ins35/tst_encrypt/ccardskeystore.p12"
DB20000I The UPDATE DATABASE MANAGER CONFIGURATION command completed
Successfully.
/ home2/db2ins35/tst_encrypt > db2 get dbm cfg | grep-I keystore
Keystore type (KEYSTORE_TYPE) = PKCS12
Keystore location (KEYSTORE_LOCATION) = / home2/db2ins35/tst_encrypt/ccardskeystore.p12
two。 Create a database using the 'ENCRYPT' option
Note:
1) when you create a database using 'ENCRYPT', Db2 automatically generates master key for the database and adds it to the keystore file
2) currently, encryption of existing data is not supported. If you want to encrypt an existing database, you can back up first, and then use the encryption option to restore the backup to a new library.
2.1 create an encrypted database
/ home2/db2ins35/tst_encrypt > db2 create db mydb encrypt
DB20000I The CREATE DATABASE command completed successfully.
2.2 you can see the ENCRLIB and encrypts values that are automatically set:
/ home2/db2ins35/tst_encrypt > db2 get db cfg for mydb | grep-I encr
Encryption Library for Backup (ENCRLIB) = libdb2encr.a
Encryption Options for Backup (ENCROPTS) = CIPHER=AES:MODE=CBC:KEY LENGTH=256
Encrypted database = YES
Original text link:
Https://www.ibm.com/developerworks/community/blogs/IMSupport/entry/Hands_on_example_for_a_new_encrypted_database?lang=en
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
