Managing the encryption settings database

If data encryption is enabled in the PingDirectory software, the server use a secret key to actually perform that encryption. Without that encryption key, the encrypted data is worthless.

The PingDirectory software uses an encryption settings database to manage the keys that it uses for data encryption. Each encryption settings definition includes not only the key used to perform the encryption, but also specifies the cipher transformation that is used for that encryption. The encryption settings database can include multiple definitions, but only one of those definitions is marked as the preferred definition, and that is the one that is used for encrypting new data that is written to the database.

The PingDirectory server provides an encryption-settings tool that can manage the contents of the encryption settings database.