Enabling Transparent Data Encryption

Infor LTR supports the use of Transparent Data Encryption (TDE) to be set on the SQL server. This is not required for Infor LTR but can be enabled if needed. After the installation has completed, complete these steps to enable Transparent Data Encryption:

  1. Open SQL Server Management Studio.
  2. Run the following command to create the master key.
    Note: Replace Password in the command below with a strong password.
    USE Master;
GO
CREATE MASTER KEY ENCRYPTION
BY PASSWORD='<Password>';
GO
  3. Create the certificate protected by the master key by using the command below.
    Note: Replace Name with the name of the certificate that will be created.
    CREATE CERTIFICATE <Name>
WITH 
SUBJECT='Database_Encryption';
GO
  4. Encrypt these databases:
    • Infor_<Farm Name>_DocMgmt
    • Infor_ <Farm Name> _Farm
    • Infor_ <Farm Name> _Grid
    • Infor_ <Farm Name> _ION
    • Infor_ <Farm Name> _ION_Services
    • Infor_ <Farm Name> _IONAPI
    • Infor_ <Farm Name> _Mingle
    • Infor_ <Farm Name> _Registry
  5. Use the following command to encrypt the database.
    Note: Replace <DB> with the database names for the database listed in step 5. For the certificate name, replace it with the certificate created in the step 4.
    USE <DB>
GO
CREATE DATABASE ENCRYPTION KEY
WITH ALGORITHM = AES_256
ENCRYPTION BY SERVER CERTIFICATE <Certificate Name>;
GO
  6. Enable the encryption by using the command below.
    Note: Replace <DB> with the database names for the database listed in step 5.
    ALTER DATABASE <DB>
SET ENCRYPTION ON;
GO
    Caution: 
    The master password and certificate created in steps 2 and 4 are needed to replace the database backups.