Configuring a custom cipher

Although Pega Platform has an integrated platform cipher, you can implement a custom cipher to address policies that are specific to your company. You can use your own custom cipher in Pega Platform as a data encryption type.

To configure ciphers, you must have the pxCanManageDataEncryption privilege, which is included in the PegaRULES:SecurityAdministrator role.
  1. Create a custom encryption cipher and define rules in Pega Platform that support this cipher. For more information, see the Pega Community article Creating a custom cipher in Pega Platform.
  2. Click Configure > System > Settings > Data Encryption.
  3. In the Application data encryption section, do the following steps:
    1. Select Custom cipher to encrypt data with your custom cipher.
    2. In the Site specific cipher class field, enter the name of the class that you created in step 1.
    3. Click Activate to start using this custom cipher for encryption purposes.
  4. In the System data encryption section, select the source of the master key.
    • Pega Platform
    • Keystore
    1. If you selected Pega Platform, in the Encryption cipher field, press the Down Arrow key, select the encryption cipher, and click Regenerate.
    2. If you selected Keystore, in the Select keystore field, press the Down Arrow key, select the keystore, and click Activate.
  5. On the Warning dialog box that informs you about the changed encryption cipher, click Apply to confirm the custom cipher activation.