Re-encrypting secrets

If necessary, all secrets that are not encrypted with the current keys can be re-encrypted. This process involves decrypting the encrypted values using the keys that originally encrypted them, and then re-encrypting the clear text values with the current key. Once the re-encryption process is completed and all secrets have been successfully re-encrypted, the old keys that are no longer in use are removed.

To re-encrypt secrets:

  1. From Grid Management Pages > Security > Key Rotation.
  2. Select the Re-encrypt Secrets tab on the left side.
  3. Click Show.
    The name of the properties encrypted with rotated keys are shown on the page.
  4. Click Open re-encrypt dialog.
  5. Select the Dry run check box to start a dry run.
    The dry run will locate the properties to re-encrypt and test that it can still decrypt them.
    Clear the Dry run check box to start the re-encryption.
  6. Click Yes.
    The result is displayed after a short time.
  7. Click Close to close the result dialog.