How to add changes for NO ENCRYPT option

[hsc2013]

I am trying to restore encrypted DB to non-encryped DB. I made changes by setting piDbEncOpts to SQL_ENCRYPT_DB_NO but still restore is being failed. Is there db2 sample code is there where I can check how to set "NO Encrypt" option in DB2.

[kdrodger]

Hi @hsc2013 . There are ways to this using the db2 command line but if you're interested in the C APIs, as it seems you are, then have you tried setting:

db2RestoreStruct.iOptions |= DB2RESTORE_NOENCRYPT;

From our SDK headers (db2ApiDf.h):

** - DB2RESTORE_NOENCRYPT 
** When restoring into a new database, force the new database to disable
** encryption. This option is ignored when restoring into an existing database,
** where the existing database's encryption settings are honoured.

[hsc2013]

@kdrodger I am trying C API option but it is being failed with a reason "option is not valid" on db2 11.1

SQL2032N The "iOptions" parameter is not valid.

Also, I do not see ioption DB2RESTORE_NOENCRYPT in the IBM https://www.ibm.com/docs/en/db2/11.5?topic=apis-db2restore-restore-database-table-space but it is present in sdk

[kdrodger]

When you call db2Restore( ) which versionNumber are you providing? And can you show the relevant snippet of the db2diag output (db2diag.log contents) from when that error is generated? Lastly, which Db2 release are you building your app with, and which client and server levels are you executing with? Thanks.

[hsc2013]

We are giving 10.5 db2version while calling db2Restore() and below is the error from db2dialog.

FUNCTION: DB2 UDB, database utilities, sqludValidateParameters, probe:1324 DATA #1 : Sqlcode, PD_TYPE_SQLCODE, 4 bytes -2032 DATA #2 : Hexdump, 13 bytes 0x00007FD8AC3B1698 : 10F8 FFFF 694F 7074 696F 6E73 00 ....iOptions.

FUNCTION: DB2 UDB, database utilities, sqludValidateParameters, probe:1324 MESSAGE : SQL2032N The "" parameter is not valid. DATA #1 : SQLCA, PD_DB2_TYPE_SQLCA, 136 bytes sqlcaid : SQLCA sqlcabc: 136 sqlcode: -2032 sqlerrml: 8 sqlerrmc: iOptions sqlerrp : sqludVal sqlerrd : (1) 0x00000000 (2) 0x00000000 (3) 0x00000000 (4) 0x00000000 (5) 0x00000000 (6) 0x00000000 sqlwarn : (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) (11) sqlstate:

FUNCTION: DB2 UDB, database utilities, sqludValidateParameters, probe:1325 MESSAGE : NO ENCRYPT cannot be specified on this API version

[kdrodger]

That makes sense then, and that message is attempting to tell you the exact problem. The NO ENCRYPT option was not introduced until db2Version1054, if I'm not mistaken, and so it's not supported by the client and server until at least that point.

By setting any earlier version on the API call you're telling the Db2 client and server that you have built your app with a version of the API SDK structures that do not support NO ENCRYPT, and so the input is validated based on that. Since those interfaces and structures can change from release to release, if you're actually building with 11.1.x, it would be correct to pass in the db2VersionXYZ value that corresponds the release of the SDK you're using. If you're building with older 10.5 version then you'll need to upgrade to a newer version in order to take advantage of the feature you're looking for.

[hsc2013]

@kdrodger , Thanks! . It works on version 10.5.6. I am closing this as it is working.