Close popover

Table of Contents

Forcing data key rotation in the platform cipher


If the Customer Data Key (CDK) that you are using in the platform cipher has been compromised, you can immediately rotate the internal encryption key. The key can be rotated regardless of the key rotation period that is configured in the keystore data instance.

To force data key rotation, you must have the pxCanManageDataEncryption privilege, which is included in the PegaRULES:SecurityAdministrator role.
  1. In the header of Dev Studio, click Configure System Settings Data Encryption .

  2. In the Application data encryption section, do the following steps:

    1. Click Platform cipher.

    2. Click Force data key rotation to immediately rotate the internal encryption key.

  • Creating a keystore for application data encryption

    Create a keystore instance for your keystore file, which contains the keys and certificates that are used, for example, to support Web Services Security and outbound email security.

  • Encrypting data

    To make your data more secure, you can select the type of encryption to use in your application to encrypt and decrypt passwords, properties, and BLOBs.

Suggest Edit

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.