Protecting Sensitive Data When you export an application, sensitive data in the EAR file is encrypted using either a static key or dynamically generated symmetric key, depending on whether you choose to use dynamic symmetric key at the time of deployment. Likewise, sensitive data in the deployment configuration file is encrypted using a static key when it is exported. However, you can generate a custom key for better security by specifying an encryption password. If you do so, you will also be required to provide the same password when you upload or deploy with the deployment configuration file. See Other Options for descriptions and example usage of the -password and -passwordFile options.