Reference Guide › Configuration File Reference › ENCRYPT Record

ENCRYPT Record

Use the ENCRYPT record to tell CA VM:Secure that all information in the directory database is encrypted.

ENCRYPT [DES3]

Configuration File

ENCRYPT is defined in the PRODUCT CONFIG file.

Definitions

DES3

Specifies that the triple DES algorithm is used for CA VM:Secure database encryption. If this operand is omitted, the single DES algorithm is used for database encryption. We recommend the use of the DES3 operand when ENCRYPT is specified.

Description

If the ENCRYPT record is omitted, the database must not be encrypted, or CA VM:Secure cannot read it.

If your database is encrypted, add the ENCRYPT record to the PRODUCT CONFIG file before initializing CA VM:Secure. The product server does not initialize without this record if your database is encrypted.

To generate an encrypted database, use the VMXGNR utility with the ENCRYPT option.

Note: Do not confuse this ENCRYPT record, which is in the PRODUCT CONFIG file, with the ENCRYPT record in the VMXRPI CONFIG file.

• The ENCRYPT record in the PRODUCT CONFIG file applies to encrypting the directory database.
• The ENCRYPT record in the VMXRPI CONFIG file applies to the Rules Facility and specifies how passwords are encrypted. This record is added to the file during installation of the Password Encryption Facility (PEF).

Note: For more information, see VMXGNR Utility. For more information about the Rules Facility, the ENCRYPT record, and PEF, see the Rules Facility Guide.