Translate Field Encryption Keys – External Storage (TRNFLDKEY)

The Translate Field Keys (TRNFLDKEY) command allows authorized users to translate (re-encrypt) any field values, which were encrypted under older Keys, up to the most current Key for the specified Field Identifier.

NOTE:

TRNFLDKEY can be used for *ACTIVE field entries which store the encrypted field values in an external file.
It is recommended to submit this command to batch using the SBMJOB command.
TRNFLDKEY can be executed while users and applications are active on the system.
The execution time for TRNFLDKEY depends on the number of records which it must translate (re-encrypt) to the current Key.

TRNFLDKEY will find any records in the external file which are encrypted under old keys. For each record found, TRNFLDKEY will decrypt the value with the old key and re-encrypt the value using the current key.

The following users can use this command:

QSECOFR user profile (unless excluded in the Key Officer settings)
A user profile with *SECADM authority (unless excluded in the Key Officer settings)
A Key Officer whom has a *YES specified for the "Maintain Field Enc. Registry" authority setting

This command requires that you have the following object authorities:

*USE authority for the CRVL002 *VLDL object which contains the Field Encryption Registry.
*READ authority for the database file specified on the field entry.
*CHANGE authority for the external file which contains the encrypted values.

NOTE:
• TRNFLDKEY can be executed while users and applications are active on the system.
• The execution time for TRNFLDKEY depends on the number of records which it must translate (re-encrypt) to the current Key.

How to Get There

In the Field Keys Menu, choose option 3.

Options

Field identifier (FLDID)

Specify the Field identifier to translate the field keys for.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
4.0 | 202307100156 | July 2023