WebSphere MQ Adapter 6.5 | webMethods WebSphere MQ Adapter Documentation | webMethods WebSphere MQ Adapter Installation and User’s Guide Documentation | Externalizing Adapter Connection Assets | Encrypting Values for Adapter Connection Assets
Encrypting Values for Adapter Connection Assets
You may want your configuration variables template to use encrypted values for sensitive data such as passwords. Microservices Runtime provides a way to generate an encrypted value which can then be placed in the template.
For encryption, Microservices Runtime uses password handles and the Password-Based Encryption technology installed with Microservices Runtime. A password handles associate a password on the host Microservices Runtime with a corresponding key (or handle). The handle is encrypted as an outbound password using the Password-Based Encryption (PBE) technology.
*The password from the adapter's connection is not stored directly in the node.ndf file. Integration Server uses PassMan utility for securely storing the passwords.
*When you generate a configuration variables template, Microservices Runtime encrypts any passwords that appear as property values in the template.
Software AG recommends that you encrypt all passwords and other sensitive data in your configuration variables templates.
*To encrypt a value
1. Open the Microservices Runtime Administrator for the that you want to use to generate an encrypted value.
2. In the Microservices menu of the Navigation panel, click Configuration Variables.
3. On the Microservices > Configuration Variables page, click Generate Encrypted Configuration Variables.
4. In the Generate Encrypted Configuration Variables page, enter the value to encrypt in the Value field.
By default, Microservices Runtime Administrator masks any characters that you enter in the Value field. Click the Show Value check box, if you want Microservices Runtime Administrator to display the characters in clear text.
5. Click Encrypt.
Microservices Runtime encrypts the value and displays the encrypted value in the Encrypted Value field.
6. Click Copy to copy the encrypted value to the clipboard.
7. Open the Adapter configuration properties file to which you want to add the encrypted value, locate the key for which you want to use the value, and then paste the copied value into the file.
8. Execute Externalize Docker commands.
When running a Microservices Runtime image in a Docker container, you can specify the configuration variables template and/or environment (ENV) variables in the docker run command.
The following docker run command uses the SAG_IS_CONFIG_PROPERTIES ENV variable to specify the name and location of the configuration variables template. In this example, the Docker image for the Microservices Runtime is named is:microPkg and exposes ports 5555 and 9999. Additionally, the application.properties file location is accessible by the Docker container.
docker run -d --name IS_Default -p 3333:5555 -p 9999 -v /opt/data:/opt/data 
-e SAG_IS_CONFIG_PROPERTIES=/opt/data/application.properties is:microPkg