PROUTIL DISABLEENCRYPTION qualifier

Disables transparent data encryption on your database.

Syntax

proutil db-name -C disableencryption
[-Passphrase][[-userid userid][-password password]]

Parameters

db-name

Name of the database where you are disabling encryption.

-Passphrase

Specifies that the user must be prompted for a passphrase to authenticate the key store, before running this command.

-userid userid -password password

Specifies the userid and password of an authenticated database administrator.

Successful execution of DISABLEENCRYPTION has the following impact on your database:

BI encryption is disabled

AI encryption is disabled

All data is decrypted

All encryption policies are removed

The key store is archived (renamed dbname.ks.bk)

Notes

You cannot disable BI encryption while your database is online. You can run DISABLEENCRYPTION for an online database, but BI encryption will not be disabled until the BI is truncated and the database is restarted. DISABLEENCRYPTION issues a warning.

DISABLEENCRYPTION is interruptible, but will not restore the database to the state it was in prior to starting the disabling processing. If you interrupt the DISABLEENCRYPTION command, your database might be at one of the following points:

BI encryption is disabled (if run offline)

AI encryption is disabled

All ciphers of current policies are set to NULL

Add encrypted data are decrypted

All encryption policies are removed

Encryption is fully disabled

Because processing DISABLEENCRYPTION can take a long time, you may want to decrypt your data before issuing this command. Decrypt your data by setting your encryption policies to the NULL cipher and updating your data with PROUTIL EPOLICY.