Creating encryption-settings definitions
The create
subcommand provides a mechanism for creating a new encryption-settings definition.
About this task
To create an encryption-settings definition:
Steps
-
To specify the definition, use the
encryption-settings
tool with thecreate
subcommand.This subcommand takes the following arguments.
Argument | Description |
---|---|
|
Specifies the base cipher algorithm to use. Make sure the |
|
Specifies the full cipher transformation to use including the cipher mode and padding algorithms, such as AES/CBC/ PKCS5Padding. If you do not provide this argument, the JVM-default transformation is used for the specified cipher algorithm. |
|
Specifies the length of the encryption key in bits, such as 128. |
|
Indicates that the new encryption-settings definition is made the preferred definition and used for subsequent encryption operations in the server. By default, the first definition you create in the encryption-settings database is the preferred definition. |
Example:
$ bin/encryption-settings create --cipher-algorithm AES \
--key-length-bits 128 --set-preferred
Result:
Successfully created a new encryption settings definition with ID F635E109A8549651025D01D9A6A90F7C9017C66D