Marc-Antoine Niggemann (Marc-AntoineN)
Posted: April 26, 2018
Last activity: September 26, 2018

Using custom keystore for platform cipher

When I try to use a keystore that is not of type Amazon Key Management Service, I get an error:
"MyKeystore is not of type Amazon Key Management Service"
while, according to this PDN link, using Amazon KMS is a possibility but not mandatory:
"The Platform cipher that uses the AES-256 cryptographic algorithm and requires no development effort to define.
To use the Platform cipher, you need to use keys that are securely managed by your organization. The keys must employ standard techniques, such as key rotation, to protect your sensitive data. On the Data Encryption landing page, you specify the Keystore rule instance and key information that is used during encryption and decryption. The Keystore class allows you to access external keystores, including full-fledged key management systems such as Amazon Web Services Key Management System (AWS KMS). This key management system is used on Pega Cloud."

Is it mandatory or not to use KMS? And if so, why is that? It seems not that complex to let people choose to use KMS or their own key system, specifically as there is a lot of choice in keystores now, so it would handle every case, and it is much easier to generate a keystore for dev environments than to generate a custom cipher.
