Deploying an Application Using Dynamic Encryption Key

When deploying applications on client machines, TIBCO Administrator encrypts all the sensitive data in the applications, such as password-type variables. While TIBCO Administrator uses a static encryption key for such encryptions, you can also use a dynamically generated encryption key to provide stronger security for your sensitive data on the client machines.

Note that the dynamic encryption key option is only available for domains stored in databases and that store application data on client machines, including domains that use TIBCO Enterprise Message Service. In other words, you must have selected both of the following checkboxes in TIBCO Domain Utility when creating your domain:

Domain information stored in a Database
Local Application Data

Note: If the domain is not set to Local Application Data by default, you can still override it on a per application basis to use this feature.

See TIBCO Runtime Agent™ Domain Utility User Guide for more information.

You can also encrypt application configuration files when exporting them using the AppManage utility. See TIBCO Runtime Agent™ Scripting Deployment Guide for more information.

To Use Dynamic Encryption Key

When deploying or redeploying an application, select the Dynamic Symmetric Key checkbox. When using this option, the communication between the TIBCO Hawk agent and the database needs to use JDBC over SSL to be secure.

Warning: If using this option, the .tra file and application data (.dat) file only works on the target machine as the encryption key is tied to the machine.

Did you find this helpful?

Yes No