Encrypting Usernames and Passwords

To connect to a database, or start a process as a specific operating system user, the Dimensions CM server requires the credentials of an operating system or database user account, typically a user ID and password. Credentials are stored in the file registry.dat in encrypted format.

By default CM uses the cipher type aes-128-cbc. To specify a different cipher type add the flag DM_CIPHER_TYPE to the Dimensions CM dm.cfg configuration file on the server and specify one of the following (listed in descending order of security):

If registry.dat was encrypted with a cipher that is different to the current one, CM automatically:

Re-encryption occurs when:

After every re-encryption n is incremented by 1, for example:



NOTE  If you use aes-256-cbc, the Java Runtime Environment used to run Serena CM Common Tools (Tomcat) should be patched with JCE Unlimited Strength Jurisdiction Policy Files that you can download from the official Java site.