Show TOC Start of Content Area

Procedure documentation Managing Secure Storage in the File System  Locate the document in its SAP Library structure

Use

You can use this procedure to manage and re-encrypt the contents of the secure storage file, located at \usr\sap\<SID>\SYS\global\security\data\SecStore.properties in your file system..

The AS Java installation procedure creates this file during the installation where it stores the database user SAP<SID>DB, its password, and other database connection information as well as information for the user Administrator and its password. The AS Java installation uses the SAP Java Cryptographic Toolkit to encrypt the information in this file with the triple DES algorithm.

.Caution

The file SecStore.propertiesmust remain consistent. Do not edit this file manually! Otherwise, the AS Java will not start properly.

Procedure

...

       1.      Start the Config Tool. (Execute <AS_Java_install_dir>\configtool\configtool.bat.)

       2.      Select secure store.

The configuration for the secure storage in the file system appears.

       3.      The data stored in the file is encrypted by default. To re-encrypt the data, choose File Reencrypt Secure Content.

       4.      To change the key phrase, choose Change Key Phrase. The AS Java uses this phrase to generate the key that will be used to encrypt the data.

Recommendation

The uniqueness of the phrase you use contributes to the uniqueness of the resulting key. Therefore, we recommend you use a long key phrase that cannot be easily guessed. Use both upper and lower case letters in the phrase and include special characters. By default, the requirements for the key phrase are length between 8 and 30 characters and numbers.

       5.      Confirm with OK.

       6.      Save the configuration.

       7.      Restart the cluster

Result

The key that is used to encrypt the data file is stored in the file SecStore.key. The database connection information and the Administrator’s user information (including the password) are stored in the file SecStore.propertiesfile.

Caution

If you change the administrator’s password at a later time, then you also have to update the password in secure storage. See Changing the Administrator's Password and Updating it in Secure Storage.

 

 

 

End of Content Area