Once you have rotated the Key Encryption Key (KEK), you must deploy the new OnBase Client and Configuration executables, as well as the Hyland.Core.GrabIcon.dll if you are using the OnBase Application Server. Depending on whether you are using a legacy version of the OnBase Core, you may also need to deploy the dmcore.dll.
Deploying the KEK involves locating the new executables and DLLs created by rotating the KEK and copying them over to where the old files reside, thereby deleting the old executables and DLLs and replacing them with the new ones. The new files must then be copied to all the workstations that require use of these files.
The new executables and DLLs are stored in a folder named NewKEKExecutables#, where # is the number of times that you have rotated the KEK for the selected set of executables. For example, if this is the first time you have rotated the KEK for this set of executables, the folder is named NewKEKExecutables1. If this is the fourth time you have rotated the KEK for this set of executables, the folder is named NewKEKExecutables4. The NewKEKExecutables# folders are located in the same folder as the current executables (e.g., C:\Program Files\Hyland\ OnBase Client).
If you delete the NewKEKExecutables# folder, OnBase increments the NewKEKExecutables# folder number based on any folders that exist the next time you rotate the KEK. For example, you rotate the KEK three times. You delete NewKEKExecutables2 and NewKEKExecutables3. When you rotate the KEK the fourth time, the folder is named NewKEKExecutables2. If you delete all copies of the NewKEKExecutables# folder, such that no NewKEKExecutables# folders exist, the new folder is named NewKEKExecutables1.
When you upgrade your OnBase executables, any existing NewKEKExecutables# folders are deleted.
To deploy the KEK: