Configure Export Key Script¶
When exporting the server metadata, the Data Catalog encrypts sensitive data using a fixed export key so every installation is able to import the metadata. This may be useful in general but it could be considered as a security risk in some specific environments.
You can modify the export key used to encrypt sensitive data. Follow these steps:
Stop the Data Catalog.
Execute the script
<DENODO_HOME>/setup/vdp/configure_datacatalog_export_key
(see the arguments below).Restart the Data Catalog.
From now on, only a Data Catalog with the same export key will be able to import the metadata exported from this installation.
Usage
configure_datacatalog_export_key -k <key>
configure_datacatalog_export_key -i
Parameter Name |
Description |
---|---|
-i |
Runs the interactive mode, which guides you through the process to:
|
-k |
Set the given key as the new export key. You can provide the new export key:
Note: if the new export key has already been
set, you cannot use the |
Note
If you are going to use the Solution Manager to migrate changes in the server’s metadata from one environment to another (Promotions), you should use the same export key in all the environments.