Changing the Encryption Mode

You can change the encryption mode used by Composer (for example to change from AES to AES/CBC/PKCS5Padding encryption). The encryption mode you select is used to encrypt connection parameters and secure user attributes.

We recommend that you change the encryption mode used by Composer with the assistance of Logi Composer Technical Support.

If you are upgrading to a newer version of Composer and you also want to change your encryption mode, perform the upgrade first and then complete the steps described here.

You must have system administration privileges to change the encryption mode.

You must have the full-strength Java Cryptography Extension (JCE) installed in your Java virtual machine (it's not there by default). You can download the JCE Unlimited Strength Jurisdiction Policy Files from Oracle at the following link: https://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html.

See also Encrypting Configuration Properties.

To change the encryption mode:

  1. Start the Composer microservice. This will populate the Composer database using the original encryption (for example AES). See Starting Composer Microservices.

  2. Stop the Composer microservice. See Stopping Composer Microservices.

  3. Back up the Composer database. See Backing Up and Restoring the Metadata Store.

  4. Modify the following encryption properties in the zoomdata.properties file: security.encryption.algorithm and security.encryption.key.algorithm. For example:

    security.encryption.algorithm=AES/CBC/PKCS5Padding
    security.encryption.key.algorithm=AES

    See zoomdata.properties Properties.

  5. Start the Composer microservice. Composer will start using the new properties and the new encryption method. See Starting Composer Microservices.