newBootPassword=newPassword attribute

The newBootPassword=newPassword attribute specifies a new boot password for an encrypted database.

A new encryption key is generated internally by the engine, and the key is protected using the new boot password. The newly generated encryption key encrypts the database, including the existing data. For more information about this attribute, see "Encrypting databases with a new boot password" in the Derby Security Guide.

Combining with other attributes

The newBootPassword=newPassword attribute must be combined with the bootPassword=key attribute.

You cannot change the encryption provider or the encryption algorithm when you use the newBootPassword=newPassword attribute.

For an existing encrypted database for which authentication and SQL authorization are both enabled, only the database owner can perform reencryption. See "Configuring user authentication" and "Configuring user authorization" in the Derby Security Guide for more information.

After you change the boot password, be sure to check for SQLWarnings. The change succeeded only if there were no SQLWarnings or SQLExceptions.

Example

-- specify a new boot password for a database
jdbc:derby:salesdb;bootPassword=abc1234xyz;newBootPassword=new1234xyz