sagcc exec security encrypt input
The command encrypts user passwords for product configurations included in a properties file, using the environment or global shared secret configured in Command Central. The command encrypts the value of a property in the input file only when the property name is prefixed with @secure, for example @secure.password=value. You can use the encrypted values from the command output in place of clear text passwords when performing bulk operations with multiple passwords. For example, you can copy the command output into a template properties file.
Syntax
Command Central syntax:
sagcc exec security encrypt {--input|-i} fileName.properties
[sharedSecret=sharedSecret] [options]
Not supported on
Platform ManagerArguments and Options
Argument or Option | Description |
{--input|-i} fileName.properties | Required. Specifies the properties file with the product configurations that have user passwords to encrypt. For information about the format of the properties file, see "Format of the Properties File". For information about the {--input|-i} option, see
input. |
[sharedSecret=sharedSecret] | |
[options] | Optional. The command allows all options supported by the Command Line Interface. For a description of the options, see
Common Options. |
Usage Notes
Software AG recommends that you set the encoding of the properties file to UTF-8.
By default, the command writes the output with the encrypted password values to the console. To write the command output to a file, include the
output option.
When you create a new environment with templates, use the same shared secret in the new environment as the shared secret you specified when encrypting the passwords. For example, if you encrypted the passwords with the global shared secret, use the global shared secret for the target installation in the new environment. If you encrypted the passwords with a custom shared secret for the environment, use the same custom shared secret on the target installation.
Format of the Properties File
When you want to encrypt a property in the properties file, you must prefix the property name with `@secure` in the following format: @secure.propertyName=value. Note that the property cannot have a multi-line value. In the following example, if you prefix the password properties with @secure:
# the user name of the administrator user
username=Administrator
# the password of the administrator user
@secure.adminpassword=cleartext_password
# the user name of the database user
username=dbuser
# the password of the database user
@secure.dbpassword=cleartext_password
The command output will return the following:
# the user name of the administrator user
username=Administrator
# the password of the administrator user
adminpassword=encrypted_value
# the user name of the database user
username=dbuser
# the password of the database user
dbpassword=encrypted_value
Examples When Executing on Command Central
To encrypt all password values with the prefix @secure contained in the "prodconfig.properties" file, using the global shared secret configured for Command Central:
sagcc exec security encrypt -i prodconfig.properties
To encrypt all password values with prefix @secure contained in the "prodconfig.properties" file, using the global shared secret configured for Command Central and write the output to a file named "encryptedPasswords.properties":
sagcc exec security encrypt -i prodconfig.properties -o encryptedPasswords.properties