IBM Business Automation Community Come for answers. Stay for best practices. All we’re missing is you. Join / Log in Ask a question
This is my understanding. Is this correct?
[Datacap Server#1]1) Login as Administrator2) Install Datacap.3) Execute "dcskey e" to export a private key to dc_KTF.xml
[Datacap Server#2]0) Change Administrator's password to Datacap Server#1's Administrator password.1) Login as Administrator2) Install Datacap.3) Copy dc_KTF.xml from Datacap Server#1.4) Execute "dcskey i" to export private key from dc_KTF.xml
Correct me if I am wrong.Datacap uses Microsoft CryptoAPI and CryptoAPI creates a private key based on Administrator's password.CryptoAPI always authenticates to Administrator's password before it uses the private key to decode something.Thus, two Datacap Servers need to have the same Administrator password for CryptoAPI to share the same private key.
All you have to so is copy the dcskey.xml that's working in tms 1 to tms2. Then run the import on tms2 server using the same dckkey.xml.
No need to matched the password on tms1 and tms2. The cryto key is per user. That is why it's in the RSA profile per user.
Thank you Blue Devil.
My team has observed that if we changed password of Administrator on tms1, the rulerunner servers no longer were able to authenticate to tms1.
This led me to guess that the password of Administrator that has exported the encryption key must be part of the private key that is used to decrypt passwords from rulerunner servers. So it may be that tms2 must have the same password as that of tms1.
Thank you for the tip.