Bookshelf Home | Contents | Index | PDF     

Siebel Security Guide > Communications and Data Encryption >

Increasing the Encryption Level

This topic describes how to upgrade Siebel Business Applications to 128-bit, 192-bit, or 256-bit encryption.

You can upgrade the key database file to use a level of encryption greater than 56-bit RC2 encryption provided you have installed the Siebel Strong Encryption Pack. For information on the Siebel Strong Encryption Pack, see About the Siebel Strong Encryption Pack and Installing the Siebel Strong Encryption Pack.

Table 8 shows the supported data encryption upgrade scenarios.

Table 8. Supported Encryption Upgrade Scenarios
Encryption Level to Upgrade From
Upgrade To 128-bit RC2 encryption
Upgrade To 128-bit AES encryption
Upgrade To 192-bit AES encryption
Upgrade To 256-bit AES encryption

No encryption

Yes

Yes

Yes

Yes

Standard Encryptor encryption

Yes

Yes

Yes

Yes

56-bit RC2 encryption

Yes

Yes

Yes

Yes

128-bit RC2 encryption

NA

Yes

Yes

Yes

128-bit AES encryption

NA

NA

Yes

Yes

192-bit AES encryption

NA

NA

NA

Yes

The following procedure describes how you upgrade the key database file to use a higher level of encryption.

To upgrade the key database file to use a higher level of encryption

  1. Install the Siebel Strong Encryption Pack.
  2. For information on this task, see Installing the Siebel Strong Encryption Pack.
  3. Make sure that the Siebel Gateway Name Server and Siebel Servers within the Siebel Enterprise are running.

    For more information, see Siebel System Administration Guide.

  4. On the Siebel Server where you installed the Siebel Strong Encryption Pack, open a command-line window and navigate to the SIEBEL_ROOT\siebsrvr\bin directory.
  5. Execute the appropriate command:

    On Windows:

    keydbupgrade.exe \u db_username \p db_password \l language \c config_file

    On UNIX:

    keydbupgrade /u db_username /p db_password /l language /c config_file

    The following table describes the flags and parameters for the keydbupgrade command.

    Flag
    Parameter
    Description

    /u

    db_username

    Username for the database user

    /p

    db_password

    Password for the database user

    /l

    language

    Language type

    /c

    config_file

    Full path to the application configuration file, such as siebel.cfg for Siebel Sales.
  6. When prompted, enter the key length you are upgrading from. If you have not implemented encryption before, select 56-bit encryption.
  7. Select the key length to upgrade to.
  8. Enter the key database manager password.

    For information about the key database manager password, see Managing the Key File Using the Key Database Manager.

    The utility upgrades the encryption level to the level you specified in Step 7.

  9. To verify that the encryption level has been upgraded, navigate to the following directory and note if the timestamp for keyfile.bin matches the time when you executed the keydbupgrade utility.
  10. After you verify that the encryption level has been upgraded, perform the following tasks in the order listed:
  11. Distribute the key file (keyfile.bin) that contains the increased encryption level to the other Siebel Servers in your Siebel Enterprise. Place it in the same directory on each Siebel Server, that is: SIEBEL_ROOT\siebsrvr\admin\
  12. Upgrade existing encrypted data to use the new encryption level.

    For more information, see About Upgrading Data to a Higher Encryption Level.

    
Siebel Security Guide Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices.