You are here: User Guides > Connector for Adobe Experience Manager > Encrypting and Decrypting Content

Encrypting and Decrypting Content

Note: This feature is available only when using the Clay Tablet Translation Connector for SDL TMS or the Clay Tablet Translation Connector for Lionbridge Freeway.

You can generate your own keys to encrypt and decrypt content you send for translation from the Lionbridge Connector for Adobe Experience Manager ("Connector for Adobe Experience Manager") to either:

  • the Clay Tablet Translation Connector for SDL TMS ("Connector for SDL TMS")
  • the Clay Tablet Translation Connector for Lionbridge Freeway ("Connector for Freeway")
Before translation:
  1. The Connector for Adobe Experience Manager uses the generated keys to encrypt the content once it is ready for translation.
  2. The Connector for Adobe Experience Manager sends the encrypted content via the Clay Tablet Platform to the Connector for SDL TMS or to the Connector for Freeway.
  3. Either:
  • The Connector for SDL TMS uses the generated keys to decrypt the content before sending it to SDL TMS.
  • The Connector for Freeway delivers encrypted content to Freeway.
After translation:
  1. Relevant to SDL TMS only. The Connector for SDL TMS uses the generated keys to encrypt the translated content once it is ready to send back to Adobe Experience Manager.
  2. The Connector for SDL TMS or the Connector for Freeway sends the encrypted content via the Clay Tablet Platform to the Connector for Adobe Experience Manager.
  3. The Connector for Adobe Experience Manager uses the generated keys to decrypt the content before sending it to Adobe Experience Manager.

For instructions on configuring the Connector this feature, refer to the Lionbridge Connector for Adobe Experience Manager Installation and Configuration Guide.

Which encryption standards does the Connector support?
Other requirements
  • Cipher: AES/CBC/PKCS5Padding
  • Initialization vector: 16 bytes, as required by AES (Advanced Encryption Standards), from a cryptographically strong random number generator.
How to set up your keystore

Use the following commands and options to set up your keystore.

keytool -genseckey -keystore ctt-keystore -storetype jceks -storepass mystorepass -keyalg AES -keysize 256 -alias cttkey -keypass secretpassword

Important: The keystore should be on a file system that is readable by the Connectors.

Command and Options Description
-genseckey Generates a secret key and stores it in a new KeyStore.SecretKeyEntry identified by alias.
-keystore ctt-keystore
-storepass mystorepass
The location and filename of the keystore, and a password to protect it from unauthorized access.
-storetype jceks

The keystore type for storing AES (Advanced Encryption Standards) keys.

Important: When generating keys, do not enter other values. Other values are not supported.

-keyalg AES

The algorithm for generating the key pair.

Important: When generating keys, do not enter other values. Other values are not supported.

-keysize 256 The size of the key.
-alias cttkey -keypass secretpassword The key alias/password pair for retrieving the key entry from the keystore. The Connectors use this pair.

 

You can use the above commands to add additional keys to an existing keystore.

For detailed instructions, refer to: https://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html.

How to encrypt and decrypt content

Use the Java keytool utility to generate, store, and retrieve keys. For detailed instructions, refer to:

https://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html.