I need to encrypt a property value using the Pega OOTB function encryptproperty, and I also used the Access Control Policy method to encrypt a property, but I am getting the error below.
“encryptPropertyValue: No key store or site-specific cipher algorithm specified”
Please help me specify the cipher algorithm to encrypt a property in my application.
The error “encryptPropertyValue: No key store or site-specific cipher algorithm specified” occurs because Pega is unable to find a valid Keystore or cipher algorithm configuration for encryption. Let’s go step by step on how to resolve this.
Solution Steps to Configure Encryption in Pega:
1. Ensure a Keystore is Configured
Pega requires a Keystore to securely store encryption keys. Follow these steps:
Go to: Records > Security > Keystore
Create a new Keystore (if not already present)
Keystore Type: Choose Custom Keystore, Amazon KMS, or Azure Key Vault based on your setup.
Upload or Generate the Encryption Keys.
Save & Test the Keystore.
Tip: If using Pega Platform encryption, ensure the Platform Cipher is properly configured.
2. Configure a Cipher Algorithm
Pega allows encryption via a cipher algorithm specified in the prconfig.xml file or Dynamic System Settings (DSS).
Go to: Records > SysAdmin > Dynamic System Settings
Add/Update the following DSS values:
Owning Ruleset: Pega-Engine
Setting Purpose: security/cipher/default
Value: (Set an encryption algorithm, e.g., AES/CBC/PKCS5Padding)
Restart the server to apply the changes.
3. Verify Property-Level Encryption via Access Control Policy
If you are encrypting a property using an Access Control Policy, ensure:
The Access Control Policy is correctly configured for Property Encrypt.
The Keystore is referenced in the Access Control Policy Condition.
Steps:
Navigate to Records > Security > Access Control Policy
Create a policy of type PropertyEncrypt.
In the Access Control Policy Condition, ensure the encryption algorithm and Keystore are specified.
4. Use encryptProperty Correctly
Pega provides the @encryptProperty(propertyName, className) function, but it requires a proper encryption configuration.
Example Usage in a Data Transform or Activity:
@encryptProperty(.SSN, "YourClassName")
Ensure that YourClassName refers to the class where the property exists.
Final Checklist to Fix the Issue
Keystore is configured under Records > Security > Keystore.
Dynamic System Setting (DSS) security/cipher/default is set with a valid cipher algorithm.
Restart the server after making changes to DSS or Keystore.
Access Control Policy of type PropertyEncrypt is set up correctly.
Use @encryptProperty only after ensuring all encryption configurations are in place.
Conclusion
Once you configure a Keystore and specify the cipher algorithm correctly, your encryption should work without errors. Try these steps and let me know if you need further troubleshooting!