Skip to main content
Delphix

How to Export and Import Security Key Between Masking Engines to Sync Algorithms (KBA7722)

  1. Last updated
  2. Save as PDF
 

 

KBA

KBA# 7722

Applicable Delphix Versions

Click here to view the versions of the Delphix engine to which this article applies
Date Release
Mar 20, 2024 21.0.0.0
Feb 21, 2024 20.0.0.0
Jan 25, 2024 19.0.0.0
Dec 20, 2023 | Jan 10, 2024 18.0.0.0 | 18.0.0.1
Nov 21, 2023 17.0.0.0
Oct 18, 2023 16.0.0.0
Sep 21, 2023 15.0.0.0
Aug 24, 2023 14.0.0.0
Jul 24, 2023 13.0.0.0
Jun 21, 2023 12.0.0.0
May 25, 2023 11.0.0.0
Apr 13, 2023 10.0.0.0 | 10.0.0.1
Mar 13, 2023 | Mar 20, 2023 9.0.0.0 | 9.0.0.1
Feb 13, 2023 8.0.0.0
Jan 12, 2023 7.0.0.0
Releases Prior to 2023
Major Release All Sub Releases
6.0

6.0.7.0, 6.0.8.0, 6.0.8.1, 6.0.9.0, 6.0.10.0, 6.0.10.1, 6.0.11.0, 6.0.12.0, 6.0.12.1, 6.0.13.0, 6.0.13.1, 6.0.14.0, 6.0.15.0, 6.0.16.0, 6.0.17.0, 6.0.17.1, 6.0.17.2

How to Sync the GLOBAL Security Key Between Engines

This procedure describes syncing a Continuous Compliance Engine Global security key to other Continuous Compliance Engines. It will ensure that all the Continuous Compliance Engines have the same global security key.

Prerequisites

Identify the Continuous Compliance Engines with differing security keys. 

Exporting and Importing the Masking Key

To export and import the correct security key to the affected engine, complete the following procedure:

  1. Login to the API-client of the Continuous Compliance Engine with the correct key using http://MASKING_ENGINE.com/masking/api-client
     
  2. Click Authorize at the top of the page:

    1-7722.png
  3. Enter your Username and Password:

    2-7722.png
     
  4. Copy the Response from /syncable-objects.
    1. Navigate to sync, open /syncable-objects, and click Execute. Object_type can be set to KEY to filter just for the Engine key
    2. Scroll to the response body and select the text for ObjectIdentifier:KeyId.
                                                                                                                                                          3-7722.png


      Example: 
      [   
{
      "objectIdentifier": {
        "keyId": "global"
      },
      "objectType": "KEY",
      "revisionHash": "e007bcdca8680fab9908bc78fddeaa0183779434"
    }
]
    3. Use the objectIdentifier code obtained in the previous step to export the masking key. Paste the selected text from the previous text into the POST /export body block and
      execute the API request
      4-7722.png
    4. Successful execution of POST will produce a response code of 200. Copy the Response Body output and save it in a text file.
      Example:
    5. {
  "exportResponseMetadata": {
    "exportHost": "me-uranus.supportlab.delphix.com",
    "exportDate": "Sun Apr 07 11:59:13 UTC 2024",
    "requestedObjectList": [
      {
        "objectIdentifier": {
          "keyId": "global"
        },
        "objectType": "KEY",
        "revisionHash": "e007bcdca8680fab9908bc78fddeaa0183779434"
      }
    ],
    "exportedObjectList": [
      {
        "objectIdentifier": {
          "keyId": "global"
        },
        "objectType": "KEY",
        "revisionHash": "e007bcdca8680fab9908bc78fddeaa0183779434"
      }
    ]
  },
  "blob": "RAAAAAokNTA2MmI1NWMtYTllYy00ZjhlLWFmNmItNjcwNzk4NTc2YTg4EhgyMDI0LTA0LTA3VDExOjU5OjEzLjA0MVogASgGgQEAAAokNTA2MmI1NWMtYTllYy00ZjhlLWFmNmItNjcwNzk4NTc2YTg4EtgCCjsICRI3Cit0eXBlLmdvb2dsZWFwaXMuY29tL0VuY3J5cHRpb25LZXlJZGVudGlmaWVyEggKBmdsb2JhbBrTAQokNGRiNmRhMDItZThhNi00NDBmLWEyYTItYjllODcwMjcwNjg4EiQyMmNjNzI1OS0zZjMwLTQ2MjQtYjc0ZC03ZmI3ZTljN2RlNmQad3sKICAib2JqZWN0VHlwZSI6ICJLRVkiLAogICJpZCI6IHsKICAgICJAdHlwZSI6ICJ0eXBlLmdvb2dsZWFwaXMuY29tL0VuY3J5cHRpb25LZXlJZGVudGlmaWVyIiwKICAgICJpZCI6ICJnbG9iYWwiCiAgfQp9KOGltsm+MDDig6aFvzAiQwoldHlwZS5nb29nbGVhcGlzLmNvbS9FbmNyeXB0aW9uS2V5RGF0YRIaChhIcW85c2RGQWdyaGlrRUxaY2FuRExBPT1WAAAACiQ1MDYyYjU1Yy1hOWVjLTRmOGUtYWY2Yi02NzA3OTg1NzZhODgaLjAsAhQsAtRIq+GIRLEGCb1ejM7BvrSMKQIUITTgKNdjTlLJy4BIx8+tIC1AiDY=",
  "signature": "MCwCFCwC1Eir4YhEsQYJvV6MzsG+tIwpAhQhNOAo12NOUsnLgEjHz60gLUCINg==",
  "publicKey": "MIHxMIGoBgcqhkjOOAQBMIGcAkEA/KaCzo4Syrom78z3EQ5SbbB4sF7ey80etKII864WF64B81uRpH5t9jQTxeEu0ImbzRMqzVDZkVG9xD7nN1kuFwIVAJYu3cw2nLqOuyYO5rahJtk0bjjFAkBnhHGyepz0TukaScUUfbGpqvJE8FpDTWSGkx0tFCcbnjUDC3H9c9oXkGmzLik1Yw4cIGI1TQ2iCmxBblC+eUykA0QAAkEA0DT21y2D9oM1g8Ik5jWsqHvOGqwVZ7BI30XoTrvS9Lpt2ZQ8Nj2Hss4ta3LjrakDwSF8IySJDMkTOJJjSHfaLQ=="
}
  5. Login to the api-client for the Continuous Compliance Engine which has the incorrect key.
    To log in, follow steps 1-3 on the engine with the incorrect key.
     
  6. Navigate to sync and select POST /import, paste the contents of step 4d in the body field of /import, set force_overwrite to true and then execute the API request.

    5-7722.png
     
  7. You can validate if the right key has been fetched by following this document: Object Sync and revisionHash (KBA10886)

 

Related Articles

The following articles may provide more information or related information to this article:

https://maskingdocs.delphix.com/Managing_Multiple_Engines_for_Masking/Key_Management/

 

Privacy Policy Terms of Use Legal About
© 2024 Delphix Corp