Siebel Security Guide > Communications and Data Encryption >

Managing the Key File Using the Key Database Manager

This topic describes how to run the Key Database Manager utility to add new encryption keys to the key file (keyfile.bin) and to change the key file password. The AES Encryptor uses the key in the key file to encrypt new data.

The Key Database Manager utility is named keydbmgr.exe on Microsoft Windows and keydbmgr on UNIX operating systems. It is located in the bin subdirectory of the Siebel Server directory.

CAUTION:  You must back up the key file before making changes to it. If the key file is lost or damaged, then it is not possible to recover the encrypted data without a backup key file.

To run the Key Database Manager

1. Shut down any server components that are configured to use encryption.

   For information on shutting down server components, see Siebel System Administration Guide.

2. From the bin subdirectory in the Siebel Server directory, run Key Database Manager using the following syntax:

   keydbmgr /u db_username /p db_password /l language /c config_file

   For descriptions of the flags and parameters, see Table 6.

3. When prompted, enter the key file password:
   • To add a new encryption key, see Adding New Encryption Keys.
   • To change the key file password, see Changing the Key File Password.
4. To exit the utility, enter 3.
5. Restart any server components that were shut down in Step 1.

   For information on starting server components, see Siebel System Administration Guide.

Table 6 lists the flags and parameters for the Key Database Manager utility.

The following topics provide information on adding new encryption keys to the key file and changing the key file password:

• Adding New Encryption Keys
• Changing the Key File Password