I have a project with a requirement to have all databases encrypted on one of several Domino servers.
I have an agent that runs on one of the servers to create replica databases on one of the other servers (round-robin).
Now that encryption has surfaced, I'm trying to find a way for my agent to encrypt the database with teh public keys of the server that will hold the replica.
I've seen NSFDbCreateExtended, but this encrypts the database with the public key of the agent signer.
Looking at the client, it's possible to set encryption on a database and use another user's keys (there's even a warning pop-up). I can't seem to find a (supported) method to accomplish my goal.
I put Notes under a debugger to see if I could find the call that actually does this (to try to find an UNsupported way to do this).
The function seems to call NSFDbLocalSecInfoSet, but this is an undocumented API call (so undocumented, I found ONE reference using google, that pointed to someone else calling out undocumented functions).
Has anyone else found a way to do this? Because this would be server-side agents, no UI stuff. I'm wondering - do I need to create a server-side agent on each server (signed with that server's ID) and call that agent when I want to encrypt?
I'm using 7.0.3, but could be convinced to upgrade the server running this agent.
The code snippet (at the moment) looks like:
If W32_NSFDbCreateExtended ("test.nsf",0, 1, 1, 2, 0) = 0 Then
Set oNotesNewDatabase = oNotesSession.GetDatabase("", "test.nsf")
oNotesNewDatabase.Compact
.
.
End If
Thanks in advance for any advice.
Print this page
