Re-Encryption possible

TobiWahnKenobi · December 9, 2024, 9:57am

Hi, sorry to ask that stupid question, but is re-encryption of databases now possible? At least on Install/Replace? That would be a gamechanger for us.

Many thanks
Tobias

toddgeist · December 9, 2024, 1:21pm

Hi Tobias,

Thank you for reaching out! This is actually not a stupid question at all - it’s a great one. I’m happy to confirm that database re-encryption is indeed possible now.

Could you share a bit more about how you’re planning to use this feature in your scenario?

Todd

TobiWahnKenobi · December 16, 2024, 9:13am

We are an SBA Partner and it would be perfect for the first install to use otto and just reencrypt the customers DB with its own encryption key. That way we can use otto from the very first install up to all the updates later on.

toddgeist · December 16, 2024, 1:48pm

Hello,

Thank you for that information. I just wanted to make sure you didn’t have a use case we hadn’t considered yet.

Encrypting with a different key on Install/Replace is the part we need to add. It is on our road map for early next year.

Thank you

Todd

TobiWahnKenobi · December 16, 2024, 8:39pm

Many many thanks!! You are awesome

m.desmarteau · August 27, 2025, 12:38am

Hey! I’m confused about this subject, is it still pending? I feel like I remember doing an “install” with two different encryption password and the destination being completely okay and having the new client encryption password.

But if I do that now, it has the weirdest state where following migrations with the same left-right different encryption passwords as the install fails with the error “wrong encryption password”, if I close and reopen the file on OttoFMS or FMS console, I have to input the good new file password to open it, but if I download the file and try to open it offline, only the old source password works.

I’m pretty confused, should I still not use install in our case ? (Every client has a different generated encryption password).

kduval · August 27, 2025, 2:55pm

Hey Marc-Andre,

Currently OttoFMS does not re-encrypt files as part of a deployment. If you want to re-encrypt a file with a new encryption password you should use the “Encrypt” option from the OttoFMS UI.

So for your flow it would probably be:

create a newly encrypted version of the file with a new encryption key
run the deployment to move the file from that server to your destination.

-Kyle

m.desmarteau · August 27, 2025, 3:29pm

Perfect, thank you for the confirmation!

TobiWahnKenobi · August 28, 2025, 10:43am

Is this no longer being worked on? Because You said its on the roadmap for early 2025?
Can we use the encrypt function of the ottofms ui to encrypt multiple databases in one go?

Thanks,
Tobias

kduval · September 2, 2025, 2:56pm

Hey Tobias,

Priorities changed a fair bit this year due to some other goals, so this has not made it to the top of the list yet.

You cannot re-encrypt multiple files at once at this time.

-Kyle

TobiWahnKenobi · September 3, 2025, 7:48am

Ok, thanks. Patiently hoping this will make the cut in a future release