6320ch_migrating.fmDraft Document for Review July 28, 2004 7:33 pm

--please replace MASTERCATALOG_ID with one of the catalog of the store you want to designate as MasterCatalog

update storecat set mastercatalog='1' where catalog_id=10002 and storeent_id=10001;

insert into catgrptpc (catgroup_id,catalog_id,tradeposcn_id) values (0,10002,10001);

To execute the file, run the following from a DB2 command window:

db2 -tvf choosemc.sql

Ensure that the script has run successfully be examining the output.

11.3.3 Migrating the encrypted data

Once the database is migrated there are some additional steps to complete the migration.

Merchant key and encrypted data

The merchant key in WebSphere Commerce Suite V5.1 can be either default or custom. A default merchant key is a fixed value selected by WebSphere Commerce Suite V5.1 while the custom key is defined by the user. A default merchant key is not valid in WebSphere Commerce V5.6 and must be changed to a user defined merchant key. Since the encryption behavior has changed for sensitive data (as described below) the encrypted information must be re-encrypted using the new behavior to ensure that encrypted data is valid.

Users

Users stored in USERREG table (registered users) have a logon ID and a password. In WebSphere Commerce Suite V5.1 the password is encrypted using the merchant key and can be decrypted using the merchant key. In WebSphere Commerce V5.6 the USERREG has an extra column SALT (introduced in WebSphere Commerce Suite V5.4), which is used as an extra factor in the encryption of the password. The SALT key is added to the password and a one way hash key (SHA-1) is returned from the concatted string. This hash key is then encrypted. This method ensures that it is almost impossible to decrypt and retain the password. Because of this extra security the passwords must be decrypted and re-encrypted with a random SALT key and using a one way hash key.

Credit cards

Credit card data stored in ORDPAYINFO, ORDPAYMTHD and PATTRVALUE contains sensitive data and will typically be encrypted. The variable PDIEncrypt in the instance file indicates if credit card data is encrypted. Prior to WebSphere Commerce Suite V5.1.1.2 the merchant key was not used to encrypt credit card

214Keeping Commerce Applications Updated WebSphere Commerce 5.1 to 5.6 Migration Guide

Page 232
Image 232
IBM SG24-6320-00 manual Migrating the encrypted data, Merchant key and encrypted data