Jump to: navigation, search

Encrypted Configuration Database Password

You can encrypt the password used to access the Configuration Database so that it appears in the Configuration Server logs as an encrypted string of characters.

Important
This encryption does not use the SALT used when encrypting user passwords. See Password Encryption.

Security Benefits

Once encrypted, the password to the Configuration Database is written as an encrypted string of characters into Configuration Server logs. This feature ensures that anyone reading the log cannot obtain the password and use it to access the Configuration Database directly through the DBMS.

Supporting Components

This feature is configured on the Configuration Server accessing the Configuration Database.

Feature Description

All entries in configuration files and logs are readable in plain text, unless explicitly configured to be hidden in some way. You can encrypt your password for accessing the Configuration Database. After password encryption, Configuration Server decrypts the value when reading its configuration file at subsequent startups. It accesses the Configuration Database using the decrypted value, and prints an encrypted string of characters as the password value into the log. In this way, the password does not explicitly appear in the Configuration Server logs.

Feature Configuration

To encrypt the Configuration Database password, do the following:

1. Force Configuration Server to encrypt the password. [+] Show steps
2. Configure the encryption option in the Configuration Server configuration file. [+] Show steps
3. Restart Configuration Server as for a regular operation. Refer to the Framework Deployment Guide for detailed information about starting Configuration Server.

Feedback

Comment on this article:

blog comments powered by Disqus
This page was last modified on May 22, 2018, at 22:35.