Appendix G: Decryption Accelerator Prerequisites and Limitations

Prerequisites

To take advantage of the Decryption Accelerator functionality, your systems and files must meet the following requirements:

• If the file that data is being encrypted in uses triggers, the triggers must be "secure triggers." To view your triggers and verify if they are "secure triggers," use the following SQL query:

  SELECT * FROM QSYS2/SYSTRIGGER

  The SECURE column will have a value of Y if the trigger is secure.

• The IBM Licensed Program "Advanced Data Security for i" must be installed on the system to prevent any loss of functionality when the file objects that contain encrypted data are duplicated. If you do not have this program installed, you can bypass this requirement by prompting the CRTDUPOBJ command, then setting the "Duplicate access control" parameter to *NONE. Additionally, if you use the CPYF command and set the "Create File" parameter to *YES for this duplication, you do not need to have this licensed program installed.

• Specific PTFs are needed to use the Decryption Accelerator feature. See the PTFs listed under the System Requirements in the Powertech Encryption for IBM i Installation Guide.

Decryption Accelerator and High Availability Environments

When the Decryption Accelerator is used in a High Availability, journal-based environment, you must specifically configure the user profile who applies journal changes on the High Availability system. For more details, see High Availability Setup.

Limitations

If the Decryption Accelerator is used on an encryption registry entry, the file/table of that entry cannot be duplicated into library QTEMP, unless you prompt the CRTDUPOBJ command, then set "Duplicate access control" to *NONE. If you use the CPYF command with the "Create File" parameter set to *YES, you can duplicate files into QTEMP, even with the Decryption Accelerator turned on.

Contact Powertech Support with questions.