To add a master key, follow the steps below:
- Add the new master key to the master keystore file.
-
Define the new master key alias and password by one of the following
ways:
- Add the key alias and password in the alfresco-global.properties file; or
- Add the key alias and password by using the JMX operations. Follow the sequence of steps from Step 3 onwards. Note: The values set on a subsystem will mean that the property values from configuration files may be overwritten or ignored. Use the JMX client to set the configuration properties.
-
On the JConsole window, select the
MBeans tab.
The available managed beans are displayed in JConsole.
-
Navigate to Alfresco > Configuration > ContentStore > managed >
encrypted > Attributes.
The Attribute values window is displayed.
- On the Operation invocation window, click stop to stop the Content Services subsystem.
- On the Attribute values window, add a new key alias in the cryptodoc.jce.key.aliases field and its password in the cryptodoc.jce.key.passwords field. Both these fields accept comma-separated list of values. Note: While adding a new master key alias, if you add the alias but not the password, the master key will fail to register.
- Click start to restart and reinitialize the Encrypted Content Store subsystem.
- Click showMasterKeys to check that the new master key is now being used.