How to Export and Import Security Key Between Masking Engines to Sync Algorithms (KBA7722)
KBA
KBA# 7722Applicable Delphix Versions
- Click here to view the versions of the Delphix engine to which this article applies
-
Date Release Mar 20, 2024 21.0.0.0 Feb 21, 2024 20.0.0.0 Jan 25, 2024 19.0.0.0 Dec 20, 2023 | Jan 10, 2024 18.0.0.0 | 18.0.0.1 Nov 21, 2023 17.0.0.0 Oct 18, 2023 16.0.0.0 Sep 21, 2023 15.0.0.0 Aug 24, 2023 14.0.0.0 Jul 24, 2023 13.0.0.0 Jun 21, 2023 12.0.0.0 May 25, 2023 11.0.0.0 Apr 13, 2023 10.0.0.0 | 10.0.0.1 Mar 13, 2023 | Mar 20, 2023 9.0.0.0 | 9.0.0.1 Feb 13, 2023 8.0.0.0 Jan 12, 2023 7.0.0.0 Releases Prior to 2023 Major Release All Sub Releases 6.0 6.0.7.0, 6.0.8.0, 6.0.8.1, 6.0.9.0, 6.0.10.0, 6.0.10.1, 6.0.11.0, 6.0.12.0, 6.0.12.1, 6.0.13.0, 6.0.13.1, 6.0.14.0, 6.0.15.0, 6.0.16.0, 6.0.17.0, 6.0.17.1, 6.0.17.2
How to Sync the GLOBAL Security Key Between Engines
This procedure describes syncing a Continuous Compliance Engine Global security key to other Continuous Compliance Engines. It will ensure that all the Continuous Compliance Engines have the same global security key.
Prerequisites
Identify the Continuous Compliance Engines with differing security keys.
Exporting and Importing the Masking Key
To export and import the correct security key to the affected engine, complete the following procedure:
- Login to the API-client of the Continuous Compliance Engine with the correct key using http://MASKING_ENGINE.com/masking/api-client
- Click Authorize at the top of the page:
- Enter your Username and Password:
- Copy the Response from
/syncable-objects
.- Navigate to
sync
, open/syncable-objects
, and click Execute. Object_type can be set to KEY to filter just for the Engine key - Scroll to the response body and select the text for
ObjectIdentifier
:KeyId
.
Example:[ { "objectIdentifier": { "keyId": "global" }, "objectType": "KEY", "revisionHash": "e007bcdca8680fab9908bc78fddeaa0183779434" } ]
- Use the
objectIdentifier
code obtained in the previous step to export the masking key. Paste the selected text from the previous text into thePOST /export
body block and
execute the API request
- Successful execution of POST will produce a response code of 200. Copy the Response Body output and save it in a text file.
Example: -
{ "exportResponseMetadata": { "exportHost": "me-uranus.supportlab.delphix.com", "exportDate": "Sun Apr 07 11:59:13 UTC 2024", "requestedObjectList": [ { "objectIdentifier": { "keyId": "global" }, "objectType": "KEY", "revisionHash": "e007bcdca8680fab9908bc78fddeaa0183779434" } ], "exportedObjectList": [ { "objectIdentifier": { "keyId": "global" }, "objectType": "KEY", "revisionHash": "e007bcdca8680fab9908bc78fddeaa0183779434" } ] }, "blob": "RAAAAAokNTA2MmI1NWMtYTllYy00ZjhlLWFmNmItNjcwNzk4NTc2YTg4EhgyMDI0LTA0LTA3VDExOjU5OjEzLjA0MVogASgGgQEAAAokNTA2MmI1NWMtYTllYy00ZjhlLWFmNmItNjcwNzk4NTc2YTg4EtgCCjsICRI3Cit0eXBlLmdvb2dsZWFwaXMuY29tL0VuY3J5cHRpb25LZXlJZGVudGlmaWVyEggKBmdsb2JhbBrTAQokNGRiNmRhMDItZThhNi00NDBmLWEyYTItYjllODcwMjcwNjg4EiQyMmNjNzI1OS0zZjMwLTQ2MjQtYjc0ZC03ZmI3ZTljN2RlNmQad3sKICAib2JqZWN0VHlwZSI6ICJLRVkiLAogICJpZCI6IHsKICAgICJAdHlwZSI6ICJ0eXBlLmdvb2dsZWFwaXMuY29tL0VuY3J5cHRpb25LZXlJZGVudGlmaWVyIiwKICAgICJpZCI6ICJnbG9iYWwiCiAgfQp9KOGltsm+MDDig6aFvzAiQwoldHlwZS5nb29nbGVhcGlzLmNvbS9FbmNyeXB0aW9uS2V5RGF0YRIaChhIcW85c2RGQWdyaGlrRUxaY2FuRExBPT1WAAAACiQ1MDYyYjU1Yy1hOWVjLTRmOGUtYWY2Yi02NzA3OTg1NzZhODgaLjAsAhQsAtRIq+GIRLEGCb1ejM7BvrSMKQIUITTgKNdjTlLJy4BIx8+tIC1AiDY=", "signature": "MCwCFCwC1Eir4YhEsQYJvV6MzsG+tIwpAhQhNOAo12NOUsnLgEjHz60gLUCINg==", "publicKey": "MIHxMIGoBgcqhkjOOAQBMIGcAkEA/KaCzo4Syrom78z3EQ5SbbB4sF7ey80etKII864WF64B81uRpH5t9jQTxeEu0ImbzRMqzVDZkVG9xD7nN1kuFwIVAJYu3cw2nLqOuyYO5rahJtk0bjjFAkBnhHGyepz0TukaScUUfbGpqvJE8FpDTWSGkx0tFCcbnjUDC3H9c9oXkGmzLik1Yw4cIGI1TQ2iCmxBblC+eUykA0QAAkEA0DT21y2D9oM1g8Ik5jWsqHvOGqwVZ7BI30XoTrvS9Lpt2ZQ8Nj2Hss4ta3LjrakDwSF8IySJDMkTOJJjSHfaLQ==" }
- Navigate to
- Login to the api-client for the Continuous Compliance Engine which has the incorrect key.
To log in, follow steps 1-3 on the engine with the incorrect key.
- Navigate to
sync
and selectPOST /import
, paste the contents of step 4d in the body field of/import
, set force_overwrite to true and then execute the API request.
- You can validate if the right key has been fetched by following this document: Object Sync and revisionHash (KBA10886)
Related Articles
The following articles may provide more information or related information to this article:
https://maskingdocs.delphix.com/Managing_Multiple_Engines_for_Masking/Key_Management/