ENCRYPT_SWITCH Configuration Parameter

Home | Previous Page | Next Page Appendix B. Configuration Parameter and Environment Variable Reference >

ENCRYPT_SWITCH Configuration Parameter

syntax

ENCRYPT_SWITCH cipher_switch_time, key_switch_time

cipher_switch_time specifies the minutes between cipher renegotiation
key_switch_time specifies the minutes between secret key renegotiation

default value

60,60

units

minutes

range of values

positive integers

takes effect

when Enterprise Replication is initialized

The ENCRYPT_SWITCH configuration parameter defines the frequency at which ciphers or secret keys are renegotiated. The longer the secret key and encryption cipher remains in use, the more likely the encryption rules might be broken by an attacker. To avoid this, cryptologists recommend changing the secret keys on long-term connections. The default time that this renegotiation occurs is once an hour.