Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.
SAP Sybase SQL Anywhere 16.0 » SQL Anywhere Server - Database Administration » User and database security » Data security » Database encryption and decryption » Encryption keys

 

Changing the encryption key for a database

You can change the encryption key for an encrypted database, or for a database for which table encryption has been enabled, by using the CREATE ENCRYPTED DATABASE statement. Changing the encryption key does not overwrite the existing file, but creates a copy of the file encrypted with the new key.

Prerequisites

By default, you must have the SERVER OPERATOR system privilege to execute the CREATE ENCRYPTED DATABASE statement. The required privileges can be changed by using the -gu database server option.

 Task

  • Change the encryption key for an encrypted database using the CREATE ENCRYPTED DATABASE statement.

Results

The encryption key is changed.

Example

The following example takes the database file encryptedtemp.db, encrypted with key abc, and creates a copy of it called mynewencryptedtemp.db, encrypting it with the key abc123. Any other database-related files (the transaction log, transaction log mirrors, and dbspace files) are also created using the new encryption key. 

CREATE ENCRYPTED DATABASE 'C:\temp\mynewencryptedtemp.db'
FROM 'C:\temp\encryptedtemp.db'
KEY 'abc123'
ALGORITHM 'AES'
OLD KEY 'abc';

 See also
Copyright © 2014, SAP AG or an SAP affiliate company. - SAP Sybase SQL Anywhere 16.0