Skip to content

Privacera Encryption Gateway (PEG) and Cryptography with Ranger KMS#

This topic covers how you can set up and use Privacera Cryptography and Privacera Encryption Gateway (PEG) using Ranger KMS.

UI Configuration#

  1. Launch PM UI. For more information on how to start PM UI, click here.

  2. In the left navigation of the PM UI, navigate to Setup Environment > Products and Services > Encryption & Masking Services and select PEG.

  3. Navigate to Setup Encryption & Masking > Configure PEG. By default, the PEG service is enabled.

  4. To install/update, go to Install in the left navigation, and click Install & Start Services.

CLI Configuration#

  1. SSH to the instance where Privacera is installed.

  2. Create a 'crypto' configuration file, and set the value of the Ranger KMS Master Key Password.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.crypto.yml config/custom-vars/
    vi config/custom-vars/vars.crypto.yml
    

    Assign a password to the RANGER_KMS_MASTER_KEY_PASSWORD such as "Str0ngP@ssw0rd".

    RANGER_KMS_MASTER_KEY_PASSWORD: "<PLEASE_CHANGE>"
    
  3. Run the following command.

    cp config/sample-vars/vars.peg.yml config/custom-vars/
    
  4. (Optional) If you want to customize PEG configuration further, you can add custom PEG properties. For more information, refer to PEG Custom Properties.

    For example, by default, the username and password for the PEG service is padmin/padmin. If you choose to change it, refer to Add Custom Properties.

  5. Run Privacera Manager to update the Privacera Platform configuration:

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update
    

    If this is a Kubernetes deployment,  restart all Privacera services:

    ./privacera-manager.sh restart