2.22 Encryption

Hi all,

I upgraded a 2.20 instance with a 22-character encryption password to 2.22 (with 2.21 in the middle) and had the following warning in the log upon 2.22 startup:

  • WARN 2016-01-19 16:54:23,276 Encryption not configured: encryption.password in dhis.conf is too short. Minimum 24 characters is required. (ConfigurationPopulator.java [localhost-startStop-1])

What is the remediation for an encrypted database that did have an acceptable encryption.password pre-2.22? Can the password be changed?

Also, it seems as though “Encryption not configured” only pertains to attribute value encryption; is this correct? Previously, I have attempted to start DHIS2 with a database with encrypted system settings while forgetting to include “encryption.password” and DHIS2 simply refused to start. The fact that DHIS2 was able to start with a too-short password seems to indicate that existing encryption of system configuration functionality will continue to work, but value encryption is disabled.