FileCloud supports storage encryption for "Managed Disk Storage" as of the latest release. This section explains how to enable this encryption module.
|1||Latest FileCloud Installation. |
Note: Upgrading existing FileCloud will not have all the necessary components needed for encryption.
|2||Memcached installation, which will be part to the new updated FileCloud installers.|
Path to SSL configuration file. This can be set to custom path by overriding the config value SSL_CONF_FILE in cloudconfig.php.
In Windows, for example if you have XAMPP installed in D:\xampp, then you will be adding the following line to cloudconfig.php.
|4||Only in windows, php_com_dotnet.dll is needed, which will be installed automatically with FileCloud v9.0 installer onwards.|
For Windows, if your xampp is installed in location other than C:\xampp, then add the following key in <WWWROOT>\config\cloudconfig.php
Enable Encryption Module
By default, encryption module is not enabled. In order to enable the encryption module, edit using the WEBROOT/config/localstorageconfig.php file and change the configuration to suit your environment.
Add a new line that reads as follows.
1 to enable encryption for local managed storage
0 to disable encryption
Enable Storage Encryption
Upon enabling the encryption module, admin UI will get new options to manage the encryption.
To manage encryption:
- Login into admin UI as an admin user with necessary permissions.
- Goto Settings -> Storage. You will see a new option in the screen as shown in the following picture.
- Click on the "Manage" button. A manage popup window appears.
- Enter an optional password and click on "Enable Encryption". This will perform the necessary initialization of the encryption module.
- When an password is set while enabling encryption, you will have the ability to create a recovery key. This recovery key is a private key file, which can be used to reactivate encrypted filesystem, in the case of lost password.
- If recovery key option is selected, the recovery key file will be available only once for download. Once downloaded, the option for download will not be shown again.
Encrypt Existing Files (optional)
Once the encryption is successfully initialized, another popup will be shown depending on whether your FileCloud server had existing files in local storage or not.
System already contains files:
- If there are unencrypted files that existing storage system, the above popup will be shown. Click on "Encrypt All" button to encrypt the existing files.
- When all the existing files get encrypted, the status window should be as shown below.
System doesn't contain any files:
- System already will be in fully encrypted state.