Skip to main content

Creating a keystore instance for an external key management service

Suggest edit
Updated on July 1, 2021

You can encrypt application and system data in Pega Platform™ by using either the platform cipher or a cipher that is stored within an external key management service (KMS). Use an external KMS to control the ownership, creation, and rotation of your master key.

To configure Pega Platform to use an external KMS, complete the following tasks.
  1. In the external key management service, create the master key.
  2. In Pega Platform, create an instance of the keystore rule to access the external KMS.
  3. In Pega Platform, configure and activate the platform cipher to reference the keystore instance.
    For more information, see Configuring the platform cipher.
  4. In Pega Platform, identify the classes and properties to encrypt.
Did you find this content helpful? YesNo

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us