Skip to content
Open
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 29 additions & 0 deletions modules/reference/pages/command/featureUtility-commands.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,35 @@ remoteRepo2.user=operator
remoteRepo2.password={aes}KM8dhwcv892Ss1sawu9R+
----

=== Encrypt repository passwords

For security, passwords in the `featureUtility.properties` file should be encrypted using the AES encryption algorithm. Use the `securityUtility encode` command to encrypt passwords before adding them to the properties file.
Comment thread
riyaaroraa marked this conversation as resolved.
Outdated

To encrypt a password, run the following command:
Comment thread
riyaaroraa marked this conversation as resolved.
Outdated

----
securityUtility encode --encoding=aes myPassword
----

The command outputs the encrypted password in the format `{aes}encryptedValue`. Copy this encrypted value and use it as the password in your `featureUtility.properties` file, as shown in the previous example.

If you use an unencrypted password in the `featureUtility.properties` file, the `featureUtility` commands display the following warning message:

----
CWWKF1374E: The password is not encrypted. Password must be encrypted using the securityUtility command with the AES cryptography algorithm as the recommended --encoding option.
Comment thread
riyaaroraa marked this conversation as resolved.
Outdated
----


=== Specify the AES encryption key

By default, featureUtility uses the Liberty default AES encryption key to decrypt passwords. If you encrypted your password with a custom key, you must provide that key to featureUtility using one of the following methods:

* Set the `WLP_AES_ENCRYPTION_KEY` environment variable.
Comment thread
riyaaroraa marked this conversation as resolved.
Outdated
* Specify the `wlp.password.encryption.key` or `wlp.aes.encryption.key` property in the `featureUtility.properties` file.

featureUtility also automatically loads the encryption key from the `bootstrap.properties` or `server.env` file of the specified server when running `featureUtility installServerFeatures`.
For more information about the `securityUtility encode` command, see xref:command/securityUtility-encode.adoc[securityUtility encode].


== Disable Maven Central fallback

Expand Down