检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
This key is used to encrypt all objects.
Creates a new secret version in the specified secret to encrypt and store secret values randomly generated in the background. At the same time, the newly created secret version is marked as SYSCURRENT. Constraints The RotateSecret API does not support rotation of common secrets.
Constraints Default keys cannot be used to encrypt or decrypt such data with the tool. Asymmetric keys cannot be used to encrypt or decrypt such data with the tool. You can call an API to use a default key to encrypt or decrypt small volumes of data.
Encryption Data Encryption data is used to store and encrypt sensitive information. Edge applications can access plaintext data through MQTT server.
Encryption Data Encryption data is used to store and encrypt sensitive information. Edge applications can access plaintext data through MQTT server. Creating Encryption Data Log in to the IEF console. In the navigation pane, choose Edge Applications > Application Configuration.
Configuring TLS Context TLS is designed to ensure data confidentiality and integrity between two communication application programs. In the multi-tenant deployment scenario, you need to contact the system administrator to configure the TLS certificate. Procedure Choose System > About
Enabling or Disabling Encrypted Backup Scenarios TaurusDB can encrypt backups. After encrypted backup is enabled, a key is required, which is generated and managed by Data Encryption Workshop (DEW).
SSE-OBS uses a data key derived from the OBS root key to encrypt or decrypt an object. OBS does not need to interact with KMS. Therefore, you do not need to grant special permissions when sharing objects. Parent topic: Server-Side Encryption
This section describes how to call a KMS API and use a CMK to encrypt or decrypt data. Process: Create a CMK in KMS. Call the encrypt-data API of KMS to encrypt plaintext data by using a CMK. Deploy ciphertext certificates on your servers.
Connecting to a Database in SSL Mode When establishing connections to the GaussDB server using JDBC, you can enable SSL connections to encrypt client and server communications for security of sensitive data transmission on the Internet.
Connecting to a Database in SSL Mode When establishing connections to the GaussDB server using JDBC, you can enable SSL connections to encrypt client and server communications for security of sensitive data transmission on the Internet.
If necessary, encrypt such data. Collector Deployment When you manually install the ICAgent on an Elastic Cloud Server (ECS), your AK/SK will be used as an input parameter in the installation command.
Replacing an HA Certificate HA certificates are used to encrypt the communication between active/standby processes and HA processes to ensure the communication security.
To encrypt them, perform the operations provided in this topic. Setting the HFile and WAL encryption mode to SMS4 or AES has a great impact on the system and will cause data loss in case of any misoperation. You are not advised to perform this operation.
According to the principle of asymmetric cryptography, each certificate holder has a pair of public and private keys, which can be used to encrypt and decrypt each other. The public key is public and does not need to be kept confidential.
AES Encrypt the character string using the AES encryption algorithm. AES algorithm configurations: The initial vector (IV) is a 16-byte random number. The encryption mode is GCM. PKCS7-Padding (CMS-Padding) is recommended.
Data Protection User encryption allows you to use the encryption feature provided on the cloud platform to encrypt ECS resources, improving data security. If you use an encrypted ECS to create an AS configuration, the AS configuration is encrypted as the ECS.
They are used to encrypt the signature of a request, ensuring that the request is secure and integral, and that identities of the request sender and receiver are correct. AK: a unique ID associated with an SK. It is used together with the SK to sign requests.
If you want to encrypt transmission from CDN to your origin server, configure a security certificate on the origin server for full-link HTTPS.
Creating a Secret Version Function Creates a new secret version in the specified secret to encrypt and keep the new secret value. By default, The latest secret version in SYSCURRENT state. The previous version is in the SYSPREVIOUS state.
