Password encryption
For added security, consider encrypting your passwords in the application.yaml file. This feature is only supported for JAR (Spring Boot) distributables.
The following table identifies which passwords can be encrypted and where you can find them in the application.yaml file:
| File section | Settings |
|---|---|
| jetty > SSL |
|
| serverSetting' |
|
| serverSettings > samlSettings |
|
| serverSettings > accountManagement > smtpServer |
|
| cassandraCluster |
|
Procedure: Encrypting passwords
Start
- Run the GWS application with the --encrypt parameter followed by the password you need to encrypt.
The server won't actually start; the application only encrypts and prints the password. For example:
$ java -jar gws.jar --encrypt ops CRYPT:an03xPrxLAu9p==
- Copy the printed encrypted password and paste into the application.yaml file.
The server only decrypts passwords that start with the CRYPT: prefix. For example:
opsUserName: ops opsUserPassword: CRYPT:an03xPrxLAu9p==
Passwords without the CRYPT: prefix are considered plain text and remain unmodified.
Comments or questions about this documentation? Contact us for support!