Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

back

Migration

TM to CT-V

search

TM to CT-V

Prerequisites

  • KeySecure Classic is up and running at a supported version. Refer to the KeySecure documentation for details.

  • A supported version of Tokenization Manager (TM) is configured.

  • A Java version supported by CipherTrust Vaulted Tokenization (CT-V) is installed.

    CT-V 8.12.3 onward, IBM Java is no longer supported and, as a consequence, the REST Web services cannot be deployed on IBM WebSphere.

  • A database version supported by CT-V is installed.

  • CipherTrust Manager is up and running at a supported version. Refer to CipherTrust Manager Deployment for details.

  • If there is an SSL connection between CipherTrust Vaulted Tokenization and the Key Manager, the installed Java should have TLS1.2 enabled.

    Refer to the "Installing CipherTrust Vaulted Tokenization" chapter of the CipherTrust Vaulted Tokenization User Guide for details.

Supported Versions

Current Setup

ProductVersion
KeySecure Classic8.7.0 or higher
Tokenization Manager (TM)8.7.1 or higher

Target Setup

ProductVersion
CipherTrust Vaulted Tokenization (CT-V)8.12.2 or higher
CipherTrust Manager2.2 or higher

Migration Steps

  1. Back up keys, users, and certificates on the KeySecure Classic UI. Refer to Creating a Backup File for details.

    While taking backup, on the Create Backup screen, select the Tokenization Manager check box.

  2. Restore the backup on the CipherTrust Manager. Refer to Migrating the Backup File for details.

  3. Upgrade from TM to the latest released version of CipherTrust Vaulted Tokenization (8.12.2). For upgrade instructions, refer to the Installing CipherTrust Vaulted Tokenization and Upgrading CipherTrust Vaulted Tokenization chapters of the CipherTrust Vaulted Tokenization User Guide.

    When using JDK, the jar and properties files will be placed in the JAVA_HOME/jre/lib/ext directory or at the user-specified location. Be sure that the location is part of your CLASSPATH.

  4. Update the IngrianNAE.properties file with the IP address and port number of the CipherTrust Manager.

  5. To verify migration and upgrade, run the tokenization sample in remote and local modes.

Limitation

  • At the moment, you cannot create and delete a token vault on the CipherTrust Manager UI. However, you can use the SetupDB and SetKey utilities to set up the token vault and deleteTable utility to delete the token vault.

    Refer to the Configuring Token Vault and Key Table chapter of the CipherTrust Vaulted Tokenization User Guide for details.

  • CT-V 8.12.3 onward, non-idempotent token vaults are not supported for the MySQL database.

Deprecated Features

  • The Persistent key caching feature is deprecated.

  • Following TokenService APIs are deprecated:

    • public TokenService(String naeUser, char[] naePwd, String dbUser, char[] dbPwd,char[] keyStorePassPhrase)

    • public TokenService(String naeUser, char[] naePwd, String dbUser, char[] dbPwd,char[] keyStorePassPhrase, String naePropertyFile)

  • Following deleteToken APIs are deprecated:

    • public void deleteToken(String token, String customData, String table)

    • public void deleteToken(String[] tokens, String[] customData, String table)