Red Hat Directory Server 8.0 Administrator's Guide
then re-encrypted when it is imported to the database. Using the -E option when running the
db2ldif and ldif2db scripts will decrypt the data on export and re-encrypt it on import.
1. Export the data using the db2ldif script, as follows:
db2ldif -n Database1 -E -a /path/to/output.ldif -s "dc=example,dc=com" -s "o=userRoot"
See Section 2.3, “Exporting to LDIF from the Command-Line” for more information.
2. Make any configuration changes.
3. Re-import the data using the ldif2db script, as follows:
ldif2db -n Database1 -E -i /path/to/output.ldif
See Section 1.3, “Importing from the Command-Line” for more information.
NOTE
When enabling encryption for data that is already present in the database,
several additional security concerns arise:
• It is possible for old, unencrypted data to persist in the server's database page
pool backing file, even after a successful re-import with encryption. To remove
this data, stop the server and delete the db/guardian file, then re-start the
server. This will force recovery, a side-effect of which is deleting the backing
file. However, it is possible that the data from the deleted file could still be
recovered from the hard drive unless steps are taken to overwrite the disk
blocks that it occupied.
• After enabling encryption and importing data, be sure to delete the LDIF file
because it contains plain text values for the now-encrypted data. Ensure that
the disk blocks that it occupied are overwritten.
• The unencrypted data previously stored in the server's database may persist
on disk after a successful re-import with encryption. This is because the old
database files are deleted, not overwritten, as part of the import process. Ensure
that the disk blocks that those files occupied are overwritten.
• Data stored in the server's replication log database is never encrypted;
therefore, care should be taken to protect those files if replication is used.
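The export, re-import and clean-up steps above, gathered into one script. This is an added example, not a script shipped with Red Hat Directory Server or taken from the guide: the instance script directory, backend name, suffix, LDIF path and database directory are placeholders (the real values depend on the installation), and the overwrite step uses GNU `shred` with a `dd` fallback. The overwrite itself is the part that runs locally; the directory-server calls only run when `RUN_DS_REENCRYPT=1` is set, so the script can be read and exercised without a server.

```shell
#!/bin/sh
# Added example: re-encrypt an existing backend and scrub the plaintext left behind.
# All paths and names below are assumptions for illustration.
DS_BIN="${DS_BIN:-/usr/lib/dirsrv/slapd-example}"     # assumed per-instance script dir
DB_DIR="${DB_DIR:-/var/lib/dirsrv/slapd-example/db}"  # assumed database directory
BACKEND="${BACKEND:-userRoot}"
SUFFIX="${SUFFIX:-dc=example,dc=com}"
LDIF="${LDIF:-/var/tmp/${BACKEND}-plain.ldif}"        # will hold decrypted values

# Overwrite a file's blocks, then unlink it. Caveat: on journaled, copy-on-write
# (btrfs, ZFS), snapshotted or SSD-backed storage an in-place overwrite does not
# guarantee the old blocks are unrecoverable; full-disk encryption of the volume is
# the dependable answer. Returns 0 when the file is gone, 1 if it did not exist.
secure_delete() {
    f="$1"
    [ -f "$f" ] || return 1
    if command -v shred >/dev/null 2>&1; then
        shred -u -z -n 3 "$f"                 # 3 random passes, a zero pass, then unlink
    else
        size=$(wc -c < "$f")
        blocks=$(( (size + 4095) / 4096 ))
        dd if=/dev/zero of="$f" bs=4096 count="$blocks" conv=notrunc 2>/dev/null
        rm -f "$f"
    fi
    [ ! -e "$f" ]
}

# Step 1: export with -E so attribute values are written to the LDIF decrypted.
export_plain() {
    "$DS_BIN/db2ldif" -n "$BACKEND" -E -a "$LDIF" -s "$SUFFIX"
}

# Step 2 (not automated here): change the configuration, e.g. enable attribute
# encryption for the backend, with the server stopped or via the console.

# Step 3: re-import with -E so the values are encrypted on their way into the database.
import_encrypted() {
    "$DS_BIN/ldif2db" -n "$BACKEND" -E -i "$LDIF"
}

# Clean-up from the NOTE: the LDIF holds the plaintext, so overwrite and remove it;
# then, with the server STOPPED, remove the guardian file so the next start forces
# recovery and deletes the page-pool backing file that may still hold old plaintext.
# The replication changelog is never encrypted; it is left to file permissions.
cleanup_plaintext() {
    secure_delete "$LDIF"
    rm -f "$DB_DIR/guardian"
}

if [ "${RUN_DS_REENCRYPT:-0}" = 1 ]; then
    export_plain
    echo "now apply the encryption configuration change, then press Enter" >&2
    read -r _dummy
    import_encrypted
    cleanup_plaintext
fi
```

Run it as `RUN_DS_REENCRYPT=1 sh reencrypt.sh` on the directory server host with the server stopped for the configuration change and before the guardian file is removed; the `read` pause is where Step 2 happens. Because `ldif2db` only re-encrypts what the LDIF contains, anything outside the exported suffixes stays as it was, so list every suffix of the backend with `-s`.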
Chapter 3. Configuring Directory Databases
68