Highlighted
Absent Member.
Absent Member.
1388 views

upgrading from 3DES to AES encryption

upgrading from 8.1.1.2 (datastore version 6) to 8.6.1.0. on windows/AD

---------------------
1. will the upgrade automatically upgrade to AES (without running adsschema.exe).
---------------------
ugprade is done with '/install X_PRIMARYSTORE="MAD" PATHTOISS=<myrepsonsefile.rsp> /quiet /norestart /lang <mylang> /log <mylogfilepath>'
see: https://www.netiq.com/documentation/securelogin-86/installation_guide/data/bijja2v.html

---------------------
2. can this get automated without running the .exe (GUI)
---------------------

---------------------
3. is there a way to check which version (3DES or AES) securelogin is using?
---------------------


thanks, florian

0 Likes
1 Reply
Highlighted
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

Hi Florian,
You can change/view this option using a SecureLogin preference "Security" -> "Use AES for SSO data encryption". Set its value to "Yes" using slmanager, MMC plugin or GPO editor to use AES as encryption.

This preference can be enforced and controlled from a single place by setting its value at OU or Group Policy object level.

With the current implementation, it can only be set either through preference or using schema tool.
1. For new SecureLogin deployment or new container under existing deployment, it is recommended to extend schema/rights, in this way we would enforce every new SecureLogin user to use AES encryption.
2. For existing user, we recommend migrating to AES encryption using SecureLogin preference (right now we don't have automatic implementation through installer).

Regards,
Dinesh
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.