Skip to main content

Encrypting the user permissions file

User permissions are stored in the following repository file:

<product_dir>\Data\cfgrepo.sqlite

To prevent unauthorized access of this file, you can encrypt it using the procedure described below. After you perform the procedure, the repository file will be encrypted with the AES-256 bit cipher.

Information note

The length of any passwords specified during the procedure must be at least 32 characters.

  1. Open a command prompt as administrator and change the working directory to:

    <product_dir>\bin

  2. Run the following command to set the master user key:

    aemctl.exe masterukey set --password your_MasterUserPassword

    Example:

    aemctl.exe masterukey set --password ANqaGYERP3UKmGLK6UNuMqrkAGxwH8FM

  3. Restart the Qlik Enterprise Manager service.
  4. Run the following command to set the repository password:

    aemctl.exe repository setpassword --master-user-password your_MasterUserPassword --repository-password your_RepositoryPassword

    Example:

    aemctl.exe repository setpassword --master-user-password ANqaGYERP3UKmGLK6UNuMqrkAGxwH8FM --repository-password 12345678901234567890123456789000

    Steps 1-4 only need to be performed the first time you want to encrypt the repository file. If you subsequently need to decrypt the repository file and then re-encrypt it, they are not required.

  5. Run the following command to encrypt the repository:

    aemctl.exe repository secure --on --master-user-password your_MasterUserPassword

    Example:

    aemctl.exe repository secure --on --master-user-password ANqaGYERP3UKmGLK6UNuMqrkAGxwH8FM

  6. Restart the Qlik Enterprise Manager service.
  • Run the following command:

    aemctl.exe repository secure --off --master-user-password your_MasterUserPassword

For information on setting user permission, see User permissions.

For more information on commands related to the master user password, see Commands Related to the Master User Password.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!