2.57 ENCRYPTTRAIL | NOENCRYPTTRAIL

Valid for

Extract

Description

Use ENCRYPTTRAIL to encrypt data records in subsequent Oracle GoldenGate trails until a NOENCRYPTTRAIL is encountered. This applies to EXTFILE, EXTTRAIL, RMTFILE and RMTTRAIL entries. ENCRYPTTRAIL is not recommended for RMTBATCH.

If you plan to use AES encryption or multiple flavors of encryption, then it's recommended to not use this parameter, but instead specific each encryption method as an option to EXTTRAIL, RMTTRAIL, EXTFILE, RMTFILE.

Default

NOENCRYPTTRAIL

Syntax

ENCRYPTTRAIL ← (Deprecated)
ENCRYPTTRAIL (GGS) ← (Deprecated)
ENCRYPTTRAIL (<AES>, KEYNAME <name>)

AES can be AES, AES128, AES192, or AES256.

The default is AES256.

Description

Specifies encryption explicity for each output trail.

AES trail encryption on HP NonStop currently uses the ENCKEYS file to store the trail master key. The default AES masterkey name is DEFAULT. There is no provision in the trail file header to store a keyname, hence there is no way to know what KEYNAME was used at the source. If you use a keyname other than DEFAULT, then you must specify that keyname in downstream readers with DECRYPTTRAIL and the key must match the key at the source.

The default masterkey is named DEFAULT and needs to be the same key value on every system that receives AES encrypted data.

AES trail encryption on HP NonStop cannot currently use the WALLET file used in theOpen System Oracle GoldenGate products. Do not use AES encryption to or from OpenSys using the Oracle Wallet. To use AES encryption to and from OpenSys, you must use the ENCKEYS file implementation.

Oracle GoldenGate trail files that contain any flavor of AES encryption can only be interrogated with the AES enabled version of LOGDUMP, which is LOGDUMPA.

LOGDUMPA can not be used to interrogate TMF.