encryptionKey=<key>

Function

Specifies the external key to use to:
  • Encrypt a new database
  • Configure an existing unencrypted database for encryption
  • Boot an existing encrypted database
Your application must provide the encryption key.

Combining with other attributes

When creating a new database, you must combine the encryptionKey attribute with the create=true and dataEncryption=true attributes.

When you configure an existing unencrypted database for encryption, the encryptionKey attribute must be combined with the dataEncryption=true attribute.

When booting an existing encrypted database, you must also specify the encryptionAlgorithm attribute if the algorithm that was used when the database was created is not the default algorithm.

The default encryption algorithm used by Derby is DES/CBC/NoPadding.

Examples

-- create a new encrypted database  
    jdbc:derby:newDB;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768
-- configure an existing unencrypted database for encryption
    jdbc:derby:salesdb;dataEncryption=true;encryptionKey=6162636465666768 
-- boot an encrypted database
    jdbc:derby:encryptedDB;encryptionKey=6162636465666768
Related reference
bootPassword=key
create=true
createFrom=Path
databaseName=nameofDatabase
dataEncryption=true
encryptionProvider=providerName
encryptionAlgorithm=algorithm
logDevice=logDirectoryPath
newEncryptionKey= <key>
newBootPassword = <new password>
password=userPassword
restoreFrom=Path
rollForwardRecoveryFrom=Path
shutdown=true
territory=ll_CC
user=userName
(no attributes)