Page History

...

Prepare changing the encryption key

The node initiator generates new encryption key(s) for cache group(s).
The distributed process starts starts new distributed process, generating a new cache enсryption key(s) and encryption key change operation by sending an initial discovery message with the list of re-encrypted cache groups and encrypted keys (keys are always sent in encrypted form).
The action configured for the distributed process initiates (but doesn't start) configured action initiates a new local re-encryption task on each node. If the node receives the encryption key when re-encryption task was initiated, the current process is aborted and task is cancelled.
The coordinator starts a new distributed process by sending the encryption key(s) to begin re-encryption when the preparation phase is completed without errors.
Each node verifies the encryption key from the request with the re-encryption task key and ensures that task was not cancelled. If the verification is successful, the node starts local re-encryption task, otherwise the process is aborted.

...