6.2 Changing the Communication Encryption Key

The Sentinel installation allows the administrator to generate a new, random encryption key (stored in the .keystore file) or import an existing .keystore file. With either approach, the .keystore file must be the same on every machine that has a Sentinel Server component installed in order for communication to work properly.

NOTE: The .keystore file is not necessary on the database machine if the database is the only Sentinel component installed on that machine. It is also not necessary on machines with only the Sentinel Control Center, Collector Builder, Sentinel Data Manager, or Collector Manager (using a proxy) installed.

The encryption key can be changed after installation using the keymgr utility. This utility generates a file containing a randomly generated encryption key. This file must be copied to every machine that has a Sentinel Server component installed.

To change the encryption key for Direct Communication:

  1. For UNIX, log in as the Sentinel Administrator User (esecadm by default). For Windows, log in as a user with administrative rights.

  2. Go to:

    For UNIX:  

    $ESEC_HOME/lib
    

    For Windows:  

    %ESEC_HOME%\lib
    
  3. Run the following command:

    On UNIX:  

    keymgr.sh --keyalgo AES --keysize 128 --keystore <output filename, usually .keystore>
    

    On Windows:  

    keymgr.bat --keyalgo AES --keysize 128 --keystore <output filename, usually .keystore>
    
  4. Copy .keystore to each machine with a Sentinel Server component installed (unless it is using proxy communication). The file should be copied to:

    For UNIX:  

    $ESEC_HOME/config
    

    For Windows:  

    %ESEC_HOME%\config
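
Because every Sentinel Server machine must hold an identical .keystore, it is worth confirming each copy after step 4. The following UNIX shell check is an added example, not part of the Sentinel product or its documentation: the function names are hypothetical, it assumes sha256sum or shasum is installed, and the owner-only permission test is an added hardening check that the procedure above does not itself require.

```shell
#!/bin/sh
# Added example: verify a copied .keystore against the file keymgr produced.
# Assumptions: sha256sum or shasum exists; function names are hypothetical.

# Print the SHA-256 digest (hex only) of the file given as $1.
keystore_digest() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | cut -d' ' -f1
    else
        shasum -a 256 < "$1" | cut -d' ' -f1
    fi
}

# check_keystore <expected-digest> <path>
# Returns 0 = identical and owner-only, 1 = digest mismatch,
#         2 = file missing, 3 = accessible by group or others.
check_keystore() {
    expected=$1
    path=$2
    [ -f "$path" ] || { echo "MISSING   $path" >&2; return 2; }
    actual=$(keystore_digest "$path")
    if [ "$actual" != "$expected" ]; then
        echo "MISMATCH  $path" >&2
        return 1
    fi
    # ls mode string: 1 type char, 3 owner chars, then 6 group/other chars.
    case $(ls -ld -- "$path") in
        ????------*) ;;
        *) echo "LOOSE     $path" >&2; return 3 ;;
    esac
    echo "OK        $path"
    return 0
}

# Typical use: take the digest on the machine where keymgr was run, then on
# each Sentinel Server machine run:
#   check_keystore "<digest>" "$ESEC_HOME/config/.keystore"
```

A mismatch or missing file on any Sentinel Server machine means that machine still holds the old key, or no key, and should be recopied before its services are relied on.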
    

NOTE: If you are using Advisor in Direct Download mode, you must update the Advisor password stored in Advisor’s configuration files. This password is encrypted using the information in .keystore and must be recreated using the new .keystore value. To update the password, follow the instructions in .