Managing Cloud Controller database encryption key
search cancel

Managing Cloud Controller database encryption key

book

Article ID: 386503

calendar_today

Updated On:

Products

VMware Tanzu Application Service

Issue/Introduction

After importing a Cloud Controller (CC) database it's possible to check "Use the default Cloud Controller database" but only after creating a key in the ledger.

Resolution

To check "Use the default Cloud Controller database":

  • Create a new primary record in the ledger with the same encryption key value in "Restore a Cloud Controller database from backup" ->  "Cloud Controller database encryption key".
  • Click "Change" in "Cloud Controller database encryption key" and leave it blank.
  • Click "Save"
  • Apply Changes

There is no way to go back to "Use the default Cloud Controller database" and zero keys in "Encryption key ledger".  The ledger is the preferred way to set encryption keys, though, since  "Cloud Controller database encryption key" is a legacy field from before the tile supported rotating encryption keys.