B.7.6 Encryption Key Properties

Under encryption, specify the encryption key that MicroTx uses to encrypt the access and refresh tokens. You must provide values for these properties if you have enabled the authTokenPropagationEnabled property under tmmConfiguration.authorization.

Property	Description
EncryptionSecretKeyVersion	Specify the version of the key that you want to use for encrypting the transaction tokens.
secretKeys.secretKeyName	Specify the name of the environment variable which points to the Docker secret that contains the encryption key. To support the encryption keys rotation, you can specify multiple encryption keys and their versions.
secretKeys.version	Enter the version of the Docker secret that you want to use.

If you create a new Docker secret, do not delete the entry for the previous secret immediately. You may delete the old secret and the corresponding entry in the tcs-docker-swarm.yaml file after a few days because existing transactions may be using the older versions of the key. After a few days, you can update the tcs-docker-swarm.yaml file, and then update MicroTx.

The following code snippet provides sample values for the encryption field in the tcs-docker-swarm.yaml file. The sample values in this example are based on the values used in the sample commands in Create Encryption Key and Key Pair.

encryption:
  secretKeys: '{"secretKeys":[{"secretKeyName":"TMMSECRETKEY", "version":"1"}]}'
  #TMMSECRETKEY is the environment variable that points to the Docker secret that contains the encryption key. 
  EncryptionSecretKeyVersion: 1