Configuring a custom cipher

Although Pega Platform has an integrated platform cipher, you can implement a custom cipher to address policies that are specific to your company. You can use your own custom cipher in Pega Platform as a data encryption type.

Before you begin: To configure ciphers, you must have the pxCanManageDataEncryption privilege, which is included in the PegaRULES:SecurityAdministrator role.
  1. Create a custom encryption cipher and define rules in Pega Platform that support this cipher. For more information, see the Pega Community article Creating a custom cipher in Pega Platform.
  2. In the header of Dev Studio, click Configure > System > Settings > Data Encryption.
  3. To encrypt application data, in the Application data encryption section, do the following steps:
    1. Select Custom cipher to encrypt data with your custom cipher.
    2. In the Site specific cipher class field, enter the name of the class that you created in step 1.
    3. Click Activate to start using this custom cipher for encryption purposes.
  4. To encrypt system data, in the System data encryption section, select the source of the master key.
    • Pega Platform
    • Keystore
    1. If you select Pega Platform, then also click Regenerate.
    2. If you select Keystore, then in the Select keystore field, press the Down Arrow key, select a keystore that is sourced from a data page, and click Activate.
  5. On the Warning dialog box that informs you about the changed encryption cipher, click Apply to confirm the custom cipher activation.