Skip to content

Privacera Encryption Gateway (PEG) and Cryptography with Ranger KMS#

This topic covers how you can set up and use Privacera Cryptography and Privacera Encryption Gateway (PEG) using Ranger KMS.

Configuration

  1. SSH to the instance as ${USER}.

  2. Create a 'crypto' configuration file, and set the value of the Ranger KMS Master Key Password.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.crypto.yml config/custom-vars/
    vi config/custom-vars/vars.crypto.yml
    

    Assign a password to the RANGER_KMS_MASTER_KEY_PASSWORD such as "Str0ngP@ssw0rd".

    RANGER_KMS_MASTER_KEY_PASSWORD: "<PLEASE_CHANGE>"
    
  3. Run the following command.

    cp config/sample-vars/vars.peg.yml config/custom-vars/
    
  4. (Optional) If you want to customize PEG configuration further, you can add custom PEG properties. For more information, refer to PEG Custom Properties.

    For example, by default, the username and password for the PEG service is padmin/padmin. If you choose to change it, refer to Add Custom Properties.

  5. Run Privacera Manager to update the Privacera Platform configuration:

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update
    

    If this is a Kubernetes deployment,  restart all Privacera services:

    ./privacera-manager.sh restart
    

Last update: July 23, 2021