| Siebel CRM Siebel Security Guide Siebel Innovation Pack 2017, Rev. A E24814-01 |
|
 Previous |
 Next |
View PDF |
| Siebel CRM Siebel Security Guide Siebel Innovation Pack 2017, Rev. A E24814-01 |
|
Previous |
Next |
View PDF |
The Siebel Gateway registry stores the information required by the gateway. This includes operational and connectivity information as well as configuration information for the Siebel Enterprise and Siebel Servers. If a gateway configuration parameter requires a password value, then the Siebel encryptor writes the password to the Siebel Gateway registry in encrypted format.
|
Note: End user passwords are not specified as parameter values for the gateway and are not stored in the Siebel Gateway registry. |
In the current release, passwords in the Siebel Gateway registry are encrypted using the AES algorithm. The encryptor generates the encrypted password using an encryption key that is unique to each parameter. The encryption key itself is generated based on repository information.
If you choose, you can increase the encryption key length for encrypting passwords. If you do increase the encryption key length for encrypted passwords in the Siebel Gateway registry, then the passwords have to be encrypted again using the new key. For more information, see "Running the Encryption Upgrade Utility".
For a list of some of the password parameters that are encrypted in the Siebel Gateway registry, and for information on how to reencrypt them, see "Reencrypting Password Parameters in Siebel Gateway Registry".
You must reset any passwords on the Siebel Gateway that were previously encrypted using RC4 encryption. In the current release, such passwords are encrypted using AES. For more information about reencrypting these passwords, see "Running the Encryption Upgrade Utility". Furthermore, the Siebel Server system service and server components do not work after a migration installation until you have updated them to use AES password encryption. Make these changes in coordination, as described in Siebel Installation Guide for the operating system you are using.
|
Note: When you upgrade to the current release, the Siebel Server system service password, which is required to connect the Siebel Server to the Siebel Gateway, is automatically reencrypted using AES encryption. The Siebel Gateway password parameter, which is set at the Siebel Enterprise level, is also automatically reencrypted. You do not have to reencrypt these passwords manually. |
Passwords in the Siebel Gateway registry are encrypted using 128-bit AES encryption. If you have many components in your system and you want to obtain a list of the encrypted passwords including the encryption value for each password, then complete the following procedure. This procedure assumes that Siebel Application Object Managers have been created for the components in your system.
To determine the encrypted parameters and values in Siebel Gateway registry
Obtain the list of components and component types in your system.
For each component type, list the parameters for the component using the following srvrmgr commands:
list params . . .
list advanced params . . .
list hidden params . . .
In the list of parameters returned, the encrypted parameters and their associated values are preceded with an asterisk (*) symbol.
Reencrypt the parameter values using srvrmgr if required.
For more information, see "Reencrypting Password Parameters in Siebel Gateway Registry".
