Enabling DB2 Encryption Key Backup at Backup Set Level

You can enable DB2 encryption key backup at backup set level.

Before We Begin

• The encryption key backup is only applicable to encrypted databases.

• The DB2 user must have SECADM permissions to fetch the current master key being used during the backup.

• The DB2 instance user must have operating system permissions to read the keystore files.

• The user must have read and write permissions to perform backup and restore operations.

• Indexing must be enabled. You can upgrade it using the Upgrade To Indexing V2 workflow.

Procedure

1. From the Command Center navigation pane, go to Protect > Databases.

   The database Overview tab appears.

2. On the Instance tab, click an instance.

   The instance Overview tab appears.

3. Go to Databases tab.

4. Click the database for which you want to enable the keystore backup.

   The instance Overview tab appears.

5. In the General tab, click the edit button.

   The Edit DB2 Database dialog box appears.

6. Move the Enable DB2 encryption keys backup toggle key to right.

7. From the DB2 Encryption keys backup passphrase credential list, select a credential or add a new credential.

   Steps to add a credential

   1. Click +.

      The Add Credential dialog box appears.

   2. In the Account type box, the Linux account is selected by default.

   3. From the Credential Vault list, select a credential vault to store, share, and update account credentials with shared resources in your environment.

   4. In the Credential name box, enter a unique name to access the credential.

   5. In the User account box, enter the user account that has access to the DB2 server.

   6. In the Password/Passphrase box, enter the password for the user account.

   7. In the Description box, enter a brief description for the credential.

   8. Click Save.

8. Click Save.