When moving from ASA 8.0.3 to 12.0.1, I'm also moving from simple to strong encryption. That works fine for the database files (i.e. .db and .log) simply by unloading into a database created with DBINIT -ea -ek. However, as I'm using SQL Remote and have a bunch of old v8 offline logs, I have to encrypt these old logs, too. And that's where I'm totally stuck:
So how can I change the old v8 logs from simple to strong encryption? (Sidenote: That does not feel like simple encryption at all...) |
You might be out of luck. Version 8 and 9 cannot convert a simple-encrypted file into a strongly-encrypted file. V10 and up can do it, but as you said they can't read the v8 format. I have no idea why I added this limitation because it should certainly be possible. And because v8 and v9 are EOL, I can't just go back and fix it. I'll think about it some more and see if I can figure out a solution. Graeme, I'm just asking w.r.t. to old SQL Remote logs. I had asked a while ago in the newsgroups whether old logs must be encrypted with the same key as the current database, and I was told that this is necessary. So I concluded that I have to encrypt those old logs, too. But I've just done a test where a v8 remote has incidentally lost an older message file, and the v12 cons (using strong encryption) has to resend contents from those old obfuscated v8 logs. And that seems to be possible without any problems. Therefore I hope you won't have to investigate further in that respect - I'm gonna raise another SQL Remote question instead...
(15 Apr '11, 12:11)
Volker Barth
|
Reg is here - that looks perfect...
Further testing shows that v12's CREATE ENCRYPTED FILE statement is able to encrypt simply encrypted files where v8's version seems not able to.
I'm trying with v9 now - hoping that can handle v8 log files...
No luck. SA 9.0.2.3951 (which is the latest EBF, AFAIK) can handle v8 log files but cannot encrypt simply encrypted files, either.