How to validate the encryption key has switched to the core database mode after an upgrade of Coveo for Sitecore
When upgrading Coveo for Sitecore from a release older than December 2016 (4.0.780) to the December 2016 release or newer, the encryption key used to encrypt the sensitive configuration nodes is moved from the file system to the core database as per the release notes.
I have questions regarding this change:
- How to validate the encryption key was really moved to the core database?
- How to synchronize the encryption key between 2 core databases when hosting Sitecore instances in 2 or more cloud regions without core database replication.
- How to force Coveo for Sitecore to use the file system encryption key?
1. Since the old encryption key file is not removed after the migration, you need to validate in the core database if the entry is there.
SELECT [Key] ,[Value] FROM [MySitecoreInstance_core].[dbo].[Properties] WHERE [Key] = 'encryptionKeys'
2. The encryptionKeys entry value needs to be copied to the other database, you can use a script like this one:
BEGIN TRAN DECLARE @encryptionKey AS VARCHAR(100) = (SELECT [Value] FROM [MyFirstSitecoreInstancecore].[dbo].[Properties] WHERE [Key] = 'encryptionKeys') UPDATE [MySecondSitecoreInstancecore].[dbo].[Properties] SET [Value] = @encryptionKey WHERE [Key] = 'encryptionKeys' IF @@rowcount = 0 BEGIN INSERT INTO [MySecondSitecoreInstance_core].[dbo].[Properties] ([Key], [Value]) VALUES ('encryptionKeys', @encryptionKey) END COMMIT TRAN
3. You can specify that you want to use the legacy mode to store the encryption key on disk by using a setting call UseEncryptionKeysFileStorage:
<configuration xmlns:patch="http://www.sitecore.net/xmlconfig/"> <sitecore> <settings> <setting name="Coveo.Encryption.UseEncryptionKeysFileStorage" value="true" /> </settings> </sitecore> </configuration>