Custom Key Encryption
SimpleHelp uses a set of internal private keys to encrypt the data stored by the SimpleHelp server. This encryption means that it is harder for a malicious user to extract sensitive information from this data. For additional security, you can configure SimpleHelp to use a custom encryption key specific to your SimpleHelp server installation.
- Custom encryption keys will be used for all assets when encrypting resources. Existing resources will not be re-encrypted with the new keys.
- The custom encryption key is stored on disk in a password protected asset. This password must be provided when custom key encryption is set up.
- Every time a SimpleHelp server restarts, the password must be provided in order to gain access to the custom keys.
[Warning] If you forget or lose the password, or lose your backup of the encryption keys, your data cannot be decrypted. There is no master password or other fallback mechanism.
Configuring Custom Key Encryption
You can generate a set of custom encryption keys by using the SimpleHelp server Admin script:
admin\admin.bat (OR) admin/admin.sh
located in the SimpleHelp server installation folder. Launch the script and follow the on screen prompts to create the custom key store. Once complete, the keys will be stored in the file:
We recommend taking an immediate backup of this file to ensure your data is accessible in the future.