Configuring a custom cipher

Although Pega Platform has an integrated platform cipher, you can implement a custom cipher to address policies that are specific to your company. You can use your own custom cipher in Pega Platform as a data encryption type.

Before you begin: To configure ciphers, you must have the pxCanManageDataEncryption privilege, which is included in the PegaRULES:SecurityAdministrator role.

For more information, see the Pega Community article Creating a custom cipher in Pega Platform.

  1. Create a custom encryption cipher, and then define rules in Pega Platform that support this cipher.
  2. In the header of Dev Studio, click Configure > System > Settings > Data Encryption.
  3. In the Application data encryption section, encrypt application data:
    1. Encrypt data with your custom cipher by selecting Custom cipher.
    2. In the Site specific cipher class field, enter the name of the class of your cipher.
      You define the cipher class in ….
    3. Start using this custom cipher for encryption purposes by clicking Activate.
  4. In the System data encryption section, encrypt system data by selecting the source of the master key:
    Choices Actions
    Pega Platform Select Pega Platform, and then click Regenerate.
    Keystore
    1. Select Keystore,
    2. In the Select keystore field, press the down arrow key, select a keystore that is sourced from a data page, and then click Activate.
  5. In the Warning dialog box that informs you about the changed encryption cipher, confirm the custom cipher activation by clicking Apply.