Host Server Databases tab

Cloverleaf administrators can configure encryption settings for the SMAT, Recovery, and Error Databases for a selected site on the Server Administration > Host Server > Databases tab.

This tab has a list of available sites. Selecting a site enables the encryption options for that site. Configured options are stored at the site level.

In no security or basic security, you can change the database's encryption settings.

In advanced security, for the currently selected site, if you have permission to log in to Server Administration:

  • An error message opens when you do no have read permission for the database encryption configuration file.
  • If you have read permission for the database's encryption configuration file, then the UI for database encryption in the Server Administration is refreshed. This action updates the current database's encryption settings for the currently selected site.

If you also have write permission on the database's encryption configuration file, then you can click Save. Otherwise, an error message opens notifying that the save action failed.

All database encryption settings are stored in the HCISITEDIR\siteSecurityInfo encrypted file.

In each section of the Host Server tab, there are options to Disable/Enable the database, and to change the Password. This is available only when encryption is enabled.

This table lists the available options:

Option Description
Site

The site selection menu is populated with a list of all sites in the root, and includes a No Sites option.

Internal Database Options For Data Encryption, when Enable is selected, all internal databases are encrypted.

You can change the internal database password by clicking Change Password. When the field is empty, the default key is used. Newly created sites use this setting by default.

When this is disabled, the internal database stores messages in plain text. Otherwise, it is password protected. In this case, internaldbkey is used for the internal database.

Error Database Options For Data Encryption, when Enable is selected, the error database is encrypted.

You can change the error database password by clicking Change Password. When the field is empty, the default key is used. Newly created sites use this setting by default.

When this is disabled, the error database stores messages in plain text. Otherwise, it is password protected. In this case, errordbkey is used for the error database.

SMAT Database Options

When Save into Database is selected, SMAT messages are saved to the database. Otherwise, messages are saved into the .idx and .msg files.

Selecting Save into Database also enables Data Encryption.

For Data Encryption, when Enable is selected, the SMAT database is encrypted.

If no SMAT database password is specified, then the site name is used as the default password. Newly created sites use this setting by default.

Example: Enabling site database encryption

A new lab interface has been designed and deployed into a new site ‘lab2’.

Encryption is enabled on the SMAT database.

After logging into the Server Administration tool, the Databases tab is selected. Then, the site ‘lab2’ is selected from the site list.

Encryption is enabled for the SMAT, Recovery, and Error databases and the encoding password is set for the selected site (lab2).

A custom password can now be set when enabling encryption on each object.