rsec/securestorage/keyfile SAP Parameter attribute - Path to file with key for the secure storage

rsec/securestorage/keyfile is a SAP Parameter attribute which is used to control Path to file with key for the secure storage information. This is available within R/3 SAP systems depending on the version and release level.

Below is the standard documentation available and a few details of the attributes values .

rsec/securestorage/keyfile profile paramerter attributes

Parameter Name: rsec/securestorage/keyfile
Description: Path to file with key for the secure storage
Default Value: $(DIR_GLOBAL)$(DIR_SEP)security$(DIR_SEP)data$(DIR_SEP)SecStoreDBKey.pse
Parameter Type ( See IF_PARAMETER_TYPES): String(STRING)
Restriction Values:
Parameter Unit:
Parameter Group: System
CSN Component: BC-SEC
System-Wide parameter: No
Dynamic Parameter: Yes
Vector Parameter: No
Has Sub-Parameters: No
Check Function Exists: No

Parameter documentation

You can use this parameter to specify a file that contains the global key for the secure storage. If no value is specified, a default key is used. This is enhanced with system-dependent data and usually provides sufficient protection. Due to the dangers associated with using your own key (see below), you should only use this function if you require a greater than normal degree of protection. If a value is specified, this must be the path to a file that can be accessed from the application server. This file must contain a continuous sequence of 48 characters from the hexadecimal character set (0-9, A-F) at the start of the file. You can use the report RSECKEYGEN to generate a suitable key from a pass phrase. If you specify only a file name, the system looks for this file in the working directory of the application server. The first time the key is changed from the default value (default key is used) to another value, the entries encrypted with the default key are automatically encrypted with the new key the next time they are accessed. If you change the global key again, entries that were created with the old key can no longer be decrypted. This means that a migration in transaction SECSTORE is required. For more information, see the notes in the documentation.
CAUTION Keep a copy of the key file in a secure location. If the file were to be lost, it would no longer be possible to access the entries in the secure storage that were saved with this key. This can have severe consequences for the entire system.

See SAP Parameter Documentation for full SAP documentation for this profile parameter.