Support Article - Re-Deployment of Intershop 7.4 CI Overwrites the Valid "encryption.properties"
Introduction
This document replaces the outdated article with the ID 2572B0 and the title Re-deployment of Intershop 7.4 CI overwrites the valid "encryption.properties".
This article offers two solutions for the missing encryption configuration in Intershop 7.4 CI in case you re-deploy and thus overwrite your valid settings.
Problem
The encryption configuration (keystore, randomfile, configuration files) coming with the new Intershop 7.4 CI deployment will (by default) be overriden with the original contents upon next redeployment (e.g., not containing property intershop.encryption.keystore.password). The intershop.keystore and random files however will still exist.
Upon next access of the keystore a new value for intershop.encryption.keystore.password is generated. This is now inconsistent with the keystore.
Here is an example encryption.properties:
intershop.encryption.keystore.password=Phvvkl3XWhnPmRBLwiWbSCS5bMwwxp3JtWx3Hwpr5j1UIwpJiT45Xsf9pmaIUFu55oZVg6qFddegZo9Ky169Zr3CMy
intershop.encryption.keystore.file=${IS_SHARE}/system/config/cluster/intershop.keystore
intershop.encryption.random.file=${IS_SHARE}/system/config/cluster/random
Solution
There are two solutions how to deal with this issue:
- Solution 1: Keeping the
encryption.propertiesafter initial deployment is advised for customers which do not use a continuous delivery, and administer their servers in a traditional, manual way. - Solution 2: The deployment of the random-file, keystore and
encryption.propertiesis advised for customers using continuous delivery. They want to be enabled to re-deploy their system automatically and repeatingly with the deployment.
The intershop.keystore and random files can be generated for example by dbinit.
Discussion
Keep the encryption.properties
For detailed information see Cookbook - Gradle Deployment Tools (look at 14 Recipe: Keep Local Modifications).
settings.gradle:
[...]
deploymentBootstrap {
[...]
config {
[...]
assemblyDeployment {
[...]
modificationPriorities = ['default', 'intershop', 'myProject']
}
deployment {
modification {
keep('encryptionProperties') {
priority 'myProject'
dir target.shareDirectory
include 'system/config/cluster/encryption.properties'
}
}
}
}
}
Encryption Configuration (keystore, random-file, encryption.properties) as a Part of the Deployment
For detailed information see Cookbook - Gradle Deployment Tools (look at 8 Recipe: Deploy Custom Files).
- Create the
keystore, random-fileandencryption.properties(generated by dbinit or server access). - Add these files to your deployment environment, e.g., to the folder of the settings.gradle.
Make the following entries in the settings.gradle:
(add <keystore>,<random-file> and encryption.properties to deployment, exclude encryption.properties from core deployment).[...] deploymentBootstrap { [...] config { [...] deployment { files { additionalProperties { // Copy the files from the same folder as this settings.gradle file from new File(settingsDir, '<random-file>'), new File(settingsDir, '<keystore>'), new File(settingsDir, 'encryption.properties') // Define target of the copy operation into new File(target.shareDirectory, 'system/config/cluster/') } } } project(':core') { afterEvaluate { deployment.files.share { exclude 'system/config/cluster/encryption.properties' } } } } }