PingDirectory

Creating encryption-settings definitions

The create subcommand provides a mechanism for creating a new encryption-settings definition.

About this task

To create an encryption-settings definition:

Steps

  • To specify the definition, use the encryption-settings tool with the create subcommand.

    This subcommand takes the following arguments.

The create subcommand accepted arguments
Argument Description

--cipher-algorithm <algorithm> (required)

Specifies the base cipher algorithm to use. The <algorithm> value must be the name of the algorithm, such as AES, DES, DESede, Blowfish, or RC4.

--cipher-transformation <transformation> (optional)

Specifies the full cipher transformation to use, including the cipher mode and padding algorithms, such as AES/CBC/PKCS5Padding.

If you do not provide this argument, the JVM-default transformation is used for the specified cipher algorithm.

--key-length-bits <length> (required)

Specifies the length of the encryption key in bits, such as 128.

--set-preferred

Makes the new encryption-settings definition the preferred definition, which the server then uses for subsequent encryption operations.

By default, the first definition you create in the encryption-settings database is the preferred definition.

Example:

$ bin/encryption-settings create --cipher-algorithm AES \
  --key-length-bits 128 --set-preferred

Result:

Successfully created a new encryption settings definition with ID
F635E109A8549651025D01D9A6A90F7C9017C66D
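
The following wrapper is an added example, not part of the original page or of PingDirectory. It checks the create arguments against a local policy before running the documented command, then extracts the definition ID from the result. The function names, the AES-only and no-ECB policy, and the assumption that the ID is always 40 uppercase hex digits (as in the sample result above) are choices made for this example.

```bash
#!/usr/bin/env bash
# Added example, not vendor code. The policy below (AES only, explicit
# non-ECB transformation allowed, JVM default only warned about) is an
# assumption of this example, not a PingDirectory requirement.

# check_definition ALGORITHM KEY_BITS [TRANSFORMATION]
# Returns 0 when the arguments pass the assumed policy, 1 otherwise.
check_definition() {
  local alg="$1" bits="$2" xform="${3:-}"
  if [ "$alg" != "AES" ]; then
    echo "rejected: policy allows only AES, got $alg" >&2; return 1
  fi
  case "$bits" in
    128|192|256) ;;  # the only key sizes AES defines
    *) echo "rejected: invalid AES key length $bits" >&2; return 1 ;;
  esac
  if [ -z "$xform" ]; then
    echo "warning: no --cipher-transformation, JVM default applies" >&2
    return 0
  fi
  case "$xform" in
    "$alg"/ECB/*) echo "rejected: ECB mode in $xform" >&2; return 1 ;;
    "$alg"/*/*) return 0 ;;  # algorithm/mode/padding, same base algorithm
    *) echo "rejected: $xform does not match $alg/mode/padding" >&2; return 1 ;;
  esac
}

# extract_definition_id: reads the tool's output on stdin and prints the
# definition ID, assumed to be 40 uppercase hex digits as in the sample
# output on this page (the ID may be wrapped onto its own line).
extract_definition_id() {
  tr '\n' ' ' | grep -Eo '[0-9A-F]{40}' | head -n 1
}

# create_definition ALGORITHM KEY_BITS [TRANSFORMATION]
# Runs the documented command only if the checks pass; prints the new ID.
create_definition() {
  check_definition "$@" || return 1
  if [ -n "${3:-}" ]; then
    bin/encryption-settings create --cipher-algorithm "$1" \
      --key-length-bits "$2" --cipher-transformation "$3"
  else
    bin/encryption-settings create --cipher-algorithm "$1" \
      --key-length-bits "$2"
  fi | extract_definition_id
}
```

Run it from the server root, for example `create_definition AES 256 AES/CBC/PKCS5Padding`, and record the printed ID with your change records.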