1. Installation Guide
  2. Secure Oracle Argus Safety
  3. Oracle Argus Safety Password Management—Cryptography Tool
  4. Reset Password or Change the Cryptography Key
  5. Edit Keys

Edit Keys

An administrator might want to change a key due to various reasons like a policy to change key every few days, or to avoid network compromise, etc.

  1. Launch the Cryptography Key Editor.
    The Key Editor Utility screen appears.
  2. Click Existing.
    The Key Editor Login or Re-encrypt ARGUSUSER screen appears.
  3. Enter the ARGUSUSER password.
  4. Enter the APR_USER password.
    This field appears only when you have installed Oracle Argus Insight along with Oracle Argus Safety.
  5. Enter the database name.
  6. Click Login.
    The Key Editor Options for Existing Installation screen appears.
  7. Enter the DBA User Name and User Password.
  8. Click Validate.
  9. Select the Edit Key checkbox.
    This enables the child checkboxes of User Key and Cookie Key.

    The User Key is used for all the encrypted strings which are persisted in the database or file server.

    The Cookie Key is only used to encrypt and decrypt the key.

    The user has the option to change either one or both keys.

  10. Select the checkboxes in front of the key that you want to change.
  11. Change the Key Size drop-down value, if you wish to change the key size. Key Size is measured in bits of the key used in a cryptographic algorithm.
  12. Click Re-Generate.
    This will change the value of the checked items and the new value will be visible in the textbox.
  13. Click Execute.
    The Reason for this Action dialog box appears, prompting the user to add a reason for his action.

    The text entered here is visible in the Audit Log in the Oracle Argus Safety application.

  14. Click OK.
  15. Check the status box to verify if the operation has been successful.
  16. If the operation is successful and the Cryptography key is checked, then the changed key is now stored in the ArgusSecureKey.ini.
    You should now copy this file from the .\Windows folder of the current machine and paste it to the .\Windows folder of all web servers.
  17. When the user key is changed, all the encrypted strings in the database are re-encrypted using the new key.
    However, there are still some other file server locations where this key change must also be applied manually. The following is a list of places where the changes must be done manually:
  18. Items to be changed from the User Interface:
    String Description

    Argus Services

    Open Argus Safety Service Configuration: Open all the processes and enter password again.

    Cyclone

    Open ESM Mapping utility and re-enter the Cyclone password.

    ESM Common User

    Open ESM Mapping utility and re-enter the ESM Common User password.

Parent topic: Reset Password or Change the Cryptography Key