Add a new master key - Alfresco Content Services - 23.4 - 23.4 - Ready - Alfresco - external

Alfresco Content Services

Platform
Alfresco
Product
Alfresco Content Services
Release
23.4
License

To add a master key, follow the steps below:

  1. Add the new master key to the master keystore file.
  2. Define the new master key alias and password by one of the following ways:
    • Add the key alias and password in the alfresco-global.properties file; or
    • Add the key alias and password by using the JMX operations. Follow the sequence of steps from Step 3 onwards. Note: The values set on a subsystem will mean that the property values from configuration files may be overwritten or ignored. Use the JMX client to set the configuration properties.
  3. On the JConsole window, select the MBeans tab.

    The available managed beans are displayed in JConsole.

  4. Navigate to Alfresco > Configuration > ContentStore > managed > encrypted > Attributes.

    The Attribute values window is displayed.

  5. On the Operation invocation window, click stop to stop the Content Services subsystem.
  6. On the Attribute values window, add a new key alias in the cryptodoc.jce.key.aliases field and its password in the cryptodoc.jce.key.passwords field. Both these fields accept comma-separated list of values. Note: While adding a new master key alias, if you add the alias but not the password, the master key will fail to register.
  7. Click start to restart and reinitialize the Encrypted Content Store subsystem.
  8. Click showMasterKeys to check that the new master key is now being used.