Creating a Symmetric Key to Encrypt Data Source Passwords

Zoomdata provides a suite of prebuilt connectors that connect the Zoomdata Server directly to your data source. If the data source requires a connection password in order to access the data, the credential information is saved in Zoomdata's storage repository - PostgreSQL. Zoomdata uses symmetric encryption to store the credential so that Zoomdata can access the data source, as needed, while providing a level of security for the saved information.

Zoomdata administrators can generate their own KeyStore using a symmetric key algorithm. This capability provides an additional level of security in the connection to and access of the data sources.

A symmetric key can be generated using Oracle's keytool program, which is a key and certificate management tool. This tool manages a keystore (database) of cryptographic keys, X.509 certificate chains, and trusted certificates. Refer to Oracle documentation for additional details about this keytool program.

Use the latest Java SDK to install the keytool program (as older versions of the SDK may require different installation steps).

Remember that this user-generated keystore should be provided to Zoomdata after a new installation, prior to any connections being stored in Zoomdata. If a new user-generated key is provided after some connections are already stored, the passwords for these connections have to be resupplied to Zoomdata after the new key is provided.

Generating a Keystore with a Symmetric Key

  1. Install the keytool program. Use the latest Java SDK to install the keytool program.

  2. Enter the following command line to generate your symmetric key.

    keytool -genseckey -alias <YourKeyAlias> -keyalg AES -keysize 256 -storetype jceks -keystore <YourKeyStoreName>.jks
  3. Create a keystore password and press Enter to continue.

  4. Create a key password and press Enter to continue.

  5. Store the keystore file in a location where the Zoomdata Server can access. For example:


    Next, you need to edit the file to add in the parameters needed for Zoomdata to integrate your symmetric key. If you have already logged into Zoomdata, be sure to log out first and close the browser.

  6. Edit (or create) the Zoomdata configuration file (

    vi /etc/zoomdata/
    If the configuration file does not exist, this command creates it.
  7. Incorporate instructions for accessing your newly generated keystore file into the .properties file as provided below:

  8. Restart Zoomdata Server. This ensures that the new keystore file is enabled and active within Zoomdata.

    For the appropriate Linux commands, see Restarting Zoomdata Services

The symmetric key should now be active in Zoomdata. If you see any error messages after the restart, submit a request for assistance.