db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Knut Anders Hatlen <Knut.Hat...@Sun.COM>
Subject Re: Derby Encryption AND Replication
Date Thu, 08 Jan 2009 15:52:29 GMT
Brad <derby@javawork.co.uk> writes:

> Hi,
>
> I've been trying to get this working myself. I saw the steps you listed in
> your footnote as an example of a basic working test.
>
> [2]
> 1. Master: connect
> 'jdbc:derby:enctest2;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=test;
> create=true';
> 2. Master: CALL SYSCS_UTIL.SYSCS_FREEZE_DATABASE();
> 3. Slave: connect
> 'jdbc:derby:enctest2;startSlave=true;encryptionAlgorithm=DES/CBC/NoPadding;
> encryptionKey=test';
> 4. Master: connect
> 'jdbc:derby:enctest2;startMaster=true;slaveHost=localhost;encryptionAlgorithm=
> DES/CBC/NoPadding;encryptionKey=test';
> 5. Master: do some test DDL and DML operations
> 6: Master: connect 'jdbc:derby:enctest2;failover=true';
> 7: Slave: connect
> 'jdbc:derby:enctest2;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=
> test';
> 8. Slave: ensure results are as expected
>
> I tried them myself and it does work but the data isn't encrypted. I only get
> encrypted data in the database files when I specify "dataEncryption=true". As
> a side effect of that I also have to drop the encryptionAlgorithm and
> encryptionKey properties and add in the bootPassword property. This then
> causes problems as some of the replication properties can't be mixed with
> bootPassword which I found was required to start the encrypted database.
>
> Am I missing something? Is there a way of getting encrypted data without
> bootPassword?

Hi Brad,

Which version of Derby did you use when you tried this? None of the
released versions support the combination of encryption and
replication. It was however fixed in the development sources and should
work when Derby 10.5 is released. See
https://issues.apache.org/jira/browse/DERBY-3890

-- 
Knut Anders

Mime
View raw message