Rekeying encryption policies with the Data Administration tool
Generate new encryption keys for encryption policies in your encryption-enabled database with the Generate Encryption Keys dialog of the Data Administration tool. Objects must have an existing encryption policy to be rekeyed. You must be connected to the database locally and have ABL security administrator and key store admin privileges to rekey encryption policies.
Note: Generating new encryption keys is also supported in the character-mode Data Dictionary tool.
To generate a new encryption key for an existing encryption policy:
1. From the Data Administration tool, choose Admin > Security > Encryption Policies > Generate Encryption Keys. The Object Selector dialog appears:
By default, only tables and indexes with existing encryption policies are shown. You can also show LOBs with encryption policies by checking Show LOBs. You can refine the list by filtering by cipher if you check Filter Cipher and choose a cipher.
2. Select the object or objects you want to generate new encryption keys for and click OK. The Generate Encryption Keys dialog appears:
Note: The Save, Copy, and Revert buttons are disabled, as well as the Passphrase and Verify Passphrase fill-ins.
3. Click Commit to generate new keys for all the objects listed in the Generate Encryption Keys dialog, or click Cancel to not generate any keys.
4. If you click Commit, you are asked to confirm your decision.
