Encryption Key Explained
Ixonn generates a unique encryption key (32 characters long) for each installation. If you are upgrading from version below 1.1.8 unique encryption key will be generated during the upgrade.
The encryption key is stored in application/config/app-config.php
- Why The Encryption Key Is Used?
The encryption key is used to encrypt/decrypt sensitive data inside the database like online payment modes API credentials, email passwords etc..
Currently Ixonn encrypt the following areas:
- Payment Gateways API credentials. (Setup->Settings->Payment Gateways)
- Leads email integration email password (Setup->Leads->Email Integration)
- General email SMTP password. (Setup->Settings->Email)
- Customer vault entries.
- Departments IMAP email password (Setup->Support->Departments)
- Can I Change The Encryption Key?
You can’t change the encryption key if you have setup data for the areas mentioned in FAQ 1. If you change your encryption key the system won’t be able to decrypt your data.
Decrypting data is possible with the same encryption key used to encrypt your data.
- What If I Lose/Change The Encryption Key?
In case you had data already encrypted with your existing key and you lose/changed/delete/deleted application/config/app-config.php you will need to generate new 32 characters long encryption key and re-add all the encrypted fields again because with your new encryption key the system won’t be able to encrypt the already encrypted data (SEE FAQ 1).
- Create (if don’t already exists) a file with name my_functions_helper.phpin application/helpers/ and add the following code:
- Login to the admin area and new encryption key will be outputted on the top of your browser window.
- Copy the key (without spaces).
- Removethe code you added in application/helpers/my_functions_helper.php and save the file.
- Navigate to application/config/app-config.phpand find $config[‘encryption_key’] replace/add the encryption key as shown on the screenshot below.
- Re-add all your encrypted fields areas mentioned in FAQ 1. Now the system will encrypt the data with your new encryption key.
- Re-test all the encrypted fields.