Setting Up Site Keys on the Security Server

Use the sitekey program on the Security Server to generate a site key value for the Security Server's JDE.INI file.

A site key value is generated from a unique password that you enter in the sitekey program. Entering a unique, strong password ensures that the site key material that is used for the encryption is unique for each customer site. Follow these password rules to create a strong password:

• Enter a minimum of 8 characters and a maximum of 40 characters.

• Include both upper case and lower case letters.

• Include numbers (0, 1, 2, 3, 4, 5, 6, 7, 8, 9).

• Include the special underline (_) character. No other special characters are allowed.

• Use a letter for the first character.

• Use a letter or a number for the last character.

• At a minimum, use two upper case letters, two lower case letters, two numbers, and two special underline characters.

Only one site key is allowed in an EnterpriseOne system. If your system configuration includes more than one Security Server, after you create a site key, you must manually copy the site key text string from the [SITEKEY] section in JDE.INI file to all other JDE.INI files on the other Security Servers.

Caution: A site key is cached upon first usage, therefore, you must restart all EnterpriseOne systems to store a new site key in the cache. If you do not refresh the cache, your system could be using two different site keys at the same time, which is problematic because data encrypted with one site key cannot be decrypted with a different site key.

The following tasks describe how to use the commands in the sitekey program. A description of the commands is available in the sitekey program Action Menu:

C:\builds\e900\system\bin32>sitekey
        ACTION MENU
 d   Display site key entries found in JDE.INI
 c   Current site key - will prompt for password to be hashed
 p   Previous site key - will prompt for password to be hashed
Enter letter for action to take: