To re-encrypt the policy store data
XPSExport outputfile -xa -passphrase phrase -vT -vI -vW -vE -vF -e file_name -l log_file
Note: Although you can use XPSExport to export one or more granular objects, this procedure provides the arguments for exporting all of the policy store data. This ensures that the export includes all of the sensitive data. More information on exporting one or more granular objects exists in the Policy Server Administration Guide.
Specifies the name of the XML output file.
Note: The file name must be unique. The export fails if a file with the same name exists.
Example: psdata
Specifies that all of the policy data is to be exported.
Specifies a passphrase required for encryption of sensitive data. Record this value as it is required to import the sensitive data back into the policy store.
Limit: The passphrase must be contain at least:
Note: If the passphrase contains spaces, enclose it in quotes (").
(Optional) Sets verbosity level to TRACE.
(Optional) Sets verbosity level to INFO.
(Optional) Sets verbosity level to WARNING (default).
(Optional) Sets verbosity level to ERROR.
(Optional) Sets verbosity level to FATAL.
(Optional) Outputs log to the specified path.
(Optional) Specifies the file to which errors and exceptions are logged. If omitted, stderr is used.
XPSExport exports the policy store data and places the data file in the directory from which you ran the tool.
XPSImport input_file -passphrase phrase -vT -vI -vW -vE -vF -l log_path
Specifies the input XML file.
Specifies the passphrase required for the decryption of sensitive data.
Limit: The phrase must match the phrase you specified during export or the decryption fails.
(Optional) Sets verbosity level to TRACE.
(Optional) Sets verbosity level to INFO.
(Optional) Sets verbosity level to WARNING (default).
(Optional) Sets verbosity level to ERROR.
(Optional) Sets verbosity level to FATAL.
(Optional) Outputs log to the specified path.
(Optional) Specifies the file to which errors and exceptions are logged. If omitted, stderr is used.
XPSImport imports the data into the policy store. Sensitive data is encrypted using FIPS-compliant algorithms.
If your environment users Basic Password Services, you may now verify that the Password Blobs are re-encrypted using FIPS-approved algorithms.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |