As far as I know, CA Directory only encrypts userPassword attribute. Anything else needs to be encrypted outside of DSA and presented to DSA to get stored as an attribute value.
Kindly check below urls. it may help to you.
The link which you have shared has hashing technique for default password attribute but we need to use the same technique for custom attribute , For Example : securityAnswer
Note: We are using CA Directory 12.6
Following link also has different hashing techniques for default password attribute .But we need for custom attribute
Also please let me know is there any way to go with AES 128 encryption for custom attributes.
I doubt there is a way to encrypt custom attribute. Did not find a direct answer in the documentation other than the Password Attribute.
mcdju01 @Hitesh_Patel - is this supported in CA Directory ?
There is currently no way of achieving this other than storing attributes an octetString and performing encryption at the client layer. This is not often possible though based on use case.
We have an enhancement request to provide a encrypted data at rest capability which is currently being spec'd out. The intention is to provided this facility after CA Directory 14.0 is released.
Retrieving data ...