
Data protection key rotation

For better security, the key used to encrypt the data in the VeridiumID server must be rotated periodically. An automatic mechanism for rotating the master key is available in Veridium Manager starting with version 3.6.

The encryption mechanism works with a master key that encrypts a secret. The data is then encrypted and decrypted with the help of that encrypted secret.
The new key rotation mechanism rotates the master key and works as follows:

Automatic rotation


Pressing “Rotate master key” in the right-side panel rotates the key.

Manual rotation

To rotate the key manually, the following steps are necessary:

  1. Generate a new keystore (Keystore Explorer is one tool that can do that)

  2. Record the keystore password and the master key password; both are needed in step 5

  3. Encode the keystore in Base64

  4. In VID, go to Settings → Advanced → config.json and find the dataProtection entry

  5. Replace the keystore value with the Base64 string, then add masterKeyPassword and keystorePassword

  6. Press save
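
Steps 3 and 5 can be scripted so that the Base64 string is a single line and is verified before it is pasted into config.json. The following is an added example, not Veridium's code: it assumes that `keystore`, `masterKeyPassword` and `keystorePassword` sit directly under `dataProtection`; the function names, the `otherSetting` key and the sample bytes are constructed for illustration.

```python
import base64
import copy
import hashlib

# Magic bytes of common Java keystore containers (used only to label the input).
_MAGIC = {b"\xfe\xed\xfe\xed": "JKS", b"\xce\xce\xce\xce": "JCEKS"}


def keystore_kind(raw: bytes) -> str:
    """Best-effort container label; PKCS#12 is DER and starts with a SEQUENCE tag."""
    if raw[:4] in _MAGIC:
        return _MAGIC[raw[:4]]
    return "PKCS12" if raw[:1] == b"\x30" else "unknown"


def build_entry(raw: bytes, keystore_password: str, master_key_password: str) -> dict:
    """Steps 3 and 5: single-line Base64 plus the two passwords."""
    if not raw:
        raise ValueError("keystore is empty")
    if not keystore_password or not master_key_password:
        raise ValueError("both passwords are required")
    encoded = base64.b64encode(raw).decode("ascii")  # no line wrapping
    # Round-trip check: the string pasted into config.json must decode to the same bytes.
    if base64.b64decode(encoded, validate=True) != raw:
        raise ValueError("Base64 round trip failed")
    return {"keystore": encoded,
            "masterKeyPassword": master_key_password,
            "keystorePassword": keystore_password}


def apply_entry(config: dict, entry: dict) -> dict:
    """Return a copy of config with dataProtection updated; other keys are kept."""
    if "dataProtection" not in config:
        raise KeyError("config.json has no dataProtection entry")
    updated = copy.deepcopy(config)
    updated["dataProtection"].update(entry)
    return updated


def fingerprint(raw: bytes) -> str:
    """SHA-256 of the keystore, to confirm the pasted value matches the generated file."""
    return hashlib.sha256(raw).hexdigest()


if __name__ == "__main__":
    sample = b"\x30\x82\x01\x00" + bytes(range(16))  # constructed bytes, not a real keystore
    cfg = {"dataProtection": {"keystore": "OLD", "otherSetting": True}}  # constructed config
    new_cfg = apply_entry(cfg, build_entry(sample, "store-pass", "master-pass"))
    print(keystore_kind(sample), fingerprint(sample)[:16], sorted(new_cfg["dataProtection"]))
```

In real use, read the passwords from a prompt or a secrets store rather than hard-coding them as the demo does.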
