Booting an encrypted database

Once you have created an encrypted database, you must supply the boot password to reboot it. Encrypted databases cannot be booted automatically along with all other system databases on system startup (see "derby.system.bootAll" in Tuning Derby). Instead, you boot encrypted databases when you first connect to them.

For example, to access an encrypted database called wombat, created with the boot password clo760uds2caPe, you would use the following connection URL:

jdbc:derby:wombat;bootPassword=clo760uds2caPe

Once the database is booted, all connections can access the database without the boot password. Only a connection that boots the database requires the key.

For example, the following connections would boot the database and thus require the boot password:

Note: The boot password is not meant to prevent unauthorized connections to the database once it has been booted. To protect a database once it has been booted, turn on user authentication (see Working with user authentication).
Related concepts
Encrypting databases on creation
Creating the boot password
Changing the boot password