How are the ranger master keys stored inside
ranger_masterkey table used in RangerKMS? Any documentation explaining this? Do they have any connection with the ZEKs in Ranger KMS?
The above was originally posted in the Community Help Track. On Tue May 21 13:30:47 UTC 2019, a member of the HCC moderation staff moved it to the Security track. The Community Help Track is intended for questions about using the HCC site itself.
Thank you @Vipin Rathor. Currently, I am trying to export a few EZK's to another Ranger KMS instance(on a different cluster). I found the
exportKeysToJCEKS.sh from Ranger KMS scripts which has the downside that it exports all the EZK's to a JCEKS keystore.
I have the following questions:
Another question again from the
rangerkms db is regarding the records in
ranger_keystore table. Why are two similar records there for every EZK (one with cipher
AES and the other with
AES/CTR/NoPadding and ending with
Thank you in advance.