Subscribe to Email Updates

    encryption Knowledge Base | 2 min read

    SSE Usages recommandations

    SSE Usage recommendations


    Well know situation : 

    You don't specify a file with a 32 char key

     

    Situation : The SSE required a 32 char key to be able to encrypt the contents which are sent to the bucket. Make sure that you include a 32 char key for having the feature working properly.

     

    Keys rotation


    Situation : The uploader key file can include multiple keys, be careful about the syntax and file organization :

    • first line is always the main encryption / decryption key
    • second lines are always the decryption keys

    Example : If you want to change the key every month (for encryption), you will store the last key in the first line, and store all previous keys in the next lines ; this to keep the possibility to decrypt the files which have been stored and encrypted with this key.

    Example :

    Keys.txt
    01234567890123456789012345678911
    11234567890123456789012345678911
    21234567890123456789012345678911
    • 01234567890123456789012345678911 is the key used to encrypt - decrypt datas
    • 11234567890123456789012345678911 is a previous key which is still required to decrypt the data
    • 21234567890123456789012345678911 is a previous key which is still required to decrypt the data

    Bucket Encryption Configuration Changes

    Situation : You store data in a bucket from a while and after a certain time, you decide to set an encryption option.

    This change only impact the new data which will be encrypted and keep all previous written files not encrypted.

    Encryption Visualization

    In an S3 object storage supporting SSE, we can easily see icons showing the encrypted files :

    key sse example


          



    Related Categories

    encryption Knowledge Base

    You may also like:

    Settings encryption

    Enable SSL Certificate Container accessible on S3 Protocol

    By default, the Containers are accessible on S3 with HTTP protocol. You can add a SSL Certificate to allow data encrypti...

    Settings encryption

    Add a SSL Certificate on Web Console

    By default, the Web Console is accessible on HTTP. Nodeum allows the configuration of its Web Console with SSL Certifica...

    Settings encryption S3

    Setup SSE to encrypt S3 Buckets

    Description S3 connector is compatible with the Server-side encryption. This encryption solution is about protecting dat...

    Let Us Know What You Thought about this Post.

    Put your Comment Below.

    Learn and grow with award-winning support and a thriving community behind you.

    Get the free version