General Description
To optimize the protection mechanisms of Lexolution and the STP infrastructure, starting with version 9.4 of Lexolution, the relevant entries in the configurations can be encrypted.
This means it is no longer possible to read access data directly from the configuration files.
Encrypting the relevant entries is optional, and a tool is provided that allows you to encrypt and decrypt these entries.
Tool STP.Kms.ConfigEncryptor.exe
The tool is included in the delivery files in the ZipFiles directory and, as mentioned above, is named STP.Kms.ConfigEncryptor.exe
Requirements for running the tool:
- The STP.Kms.ConfigEncryptor.exe must be copied into the directory where the configuration file to be encrypted and the exe are located.
- It explicitly requires administrator rights.
- It needs access to all DLLs referenced in the configuration file.
For example, in STP.Kms.Server.exe.config, theSTP.Kms.Server.Config.Implementation.dllis referenced:
🛈 Note
To edit configuration values, you must first decrypt the configuration file if it is encrypted.
After using the tool and completing the configuration work, the tool must be removed again.
Behavior During Initial Installation and Update
During an initial installation, the configuration files are not encrypted by default. If encryption is desired, it must be done after installation using the tool.
During an update, the application can read and write both encrypted and unencrypted configuration files. The Encryptor is not needed for this.
🛈 Note
This also applies to backups of the configuration files, including backups created during uninstallation.Configuration Files That Can Be Encrypted and Decrypted
| Type | File Name | Location |
|---|---|---|
| Lexolution Server | STP.Kms.Server.exe.config | C:Files (x86)AG.KMS Server |
| iDesk Server | STP.Idesk.Server.exe.config | C:Files (x86)AGIntegration Services |
Function of the De-/Encryptor Tool
- First, copy the De-/Encryptor tool into the appropriate program directory where the configuration files should be encrypted or decrypted.
- Start the tool with the
Run as administratoroption. - Select the relevant configuration file you want to encrypt or decrypt and click
EncryptorDecrypt. - The actions/results will be displayed in the gray area.
🛈 Note
The application automatically detects whether a configuration file has already been encrypted or decrypted and displays this information.
This article has been automatically translated by an AI and may therefore contain errors.
Related to