If files with FieldProc encrypted fields are saved and restored to the target system, the fields remain encrypted with FieldProc when restored to the target system. It is recommended to save the attached FieldProc encryption programs with the files (for example, A000000001 or A000000002). If the FieldProc encryption programs are not saved and restored with the files, you can rebuild the FieldProc encryption programs by running the following command:
CALL PGM(SECOPS/AN0025) PARM(' ' ' ')
If a key manager is used to retrieve AES encryption keys, consult with Support for the company that supplies your key manager to determine what needs to be done for certificates in IBM’s Digital Certificate Manager. Different key managers and setups within those key managers use certificates differently. There is no generic process for transferring certificates that works with all key managers.
If AES encryption keys within Assure Security are used, they are transferred with the Assure Security library.
Optionally, run the following command to clear log files after restoring the library:
-
CLRPFM FILE(SECOPS/AEHIST)
-
CLRPFM FILE(SECOPS/ANLOGA)