Symantec IGA

  • 1.  IdM 12.6 how to change encryption algorithm?

    Posted Aug 31, 2017 09:11 AM

    Hi everyone.

     

    I would like to know how to change the encryption algorithm, at least for the form in which ForgottenPasswordHandler stores data. I see that it is currently RC2 and would like to change it to PBES (in fact, I think the last one is the OOTB one, but this environment was handed over to me by another provider and I have no contact with them).

     

    I will explain the reason for changing the encryption algorithm:

     

    I have 2 IdM environments where challenge/response is working fine in encrypted mode, and an inherited environment where it does not. I isolated the problem, and I see that in the working environments, all passwordhints values are stored as {PBES} followed by a very short string (proportional to the length of the question and answer stored). In the non-working one, the log says it cannot insert {RC2} followed by a very long value that exceeds the 900-byte index limit.

     

    Many thanks!



  • 2.  Re: IdM 12.6 how to change encryption algorithm?
    Best Answer

    Posted Aug 31, 2017 12:19 PM

    In the downloadable IM JavaDoc, the ForgottenPasswordHandler class has an encrypt and decrypt method that uses the current encryption program if an encryption key is passed in, and it mentions that you can override the method to implement another encryption application. So it looks like it would require custom coding to accomplish.

     

    CA Identity Manager Programming Reference - CA Identity Manager - 12.6.8 - CA Technologies Documentation