The Now Platform® Washington DC release is live. Watch now!
Cloning an instance is important to help ensure your sub-Production environments are configured similarly to your Production environment, and contain a representative set of data. However, Edge Encryption adds a layer of complexity during the cloning process, since the Edge proxy and the instance must have some matching configuration settings. Before the clone, the Production instance and Edge proxy have consistent settings, and the clone target (and its Edge proxy) will have a different configuration. After the clone, the clone target instance will now have all of the settings used by Production, but the Edge proxy will still have the pre-clone settings. What just happened?
When cloning while Edge Encryption is active, follow these steps to ensure your Edge proxy and instance can communicate and successfully display the expected encoded values. At a high level, you will copy the Edge proxy installation from Production to the clone target machine, update the configuration files on the target machine to point to the clone, and update the local Edge database (if used). After this, you can proceed to clone Production to the target. Once the clone is finished, you can start the Edge proxy and verify everything is working as expected.
Here are the detailed steps for cloning when there is Edge Encryption is active. For simplicity we are providing instructions for one proxy, but this can be extended to multiple proxies if necessary when the instance has multiple proxies assigned.
If you decide to reuse the same database, please follow step 5. If you are going to create a new database, skip to step 6.If you are re-using the edgeencryption.db.name from the pre-cloned instance, you may want to change this to a new edgeencryption.db.name or drop the associated database (and of course the tables and data in that database will also drop) so that the database is clean. In this example we log into the MySQL database used by the clone target Edge Encryption proxy and we will drop the current database and reuse the same database name in the edgeencryption.db.name setting.
You may review the edgeencryption.properties file in its entirety and change any other settings that would be appropriate to your environment.
Following these steps will ensure that, after you clone your Production instance over a sub-Prod instance, you will be able to view all of the encrypted data when accessing the instance through the Edge proxy. If you do not follow these steps, you may encounter proxy startup errors, and all of the data will remain encrypted and unusable by all client applications (browsers and web servers). As designed, the only way to decrypt the data in the newly cloned instance is to ensure the Edge proxy server is configured with the same configuration that was used to encrypt the data while it was in Production.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.