Versions Compared

Old Version 3

changes.mady.by.user Former user

Saved on

compared with

New Version 4

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

However, when securing passwords of more product-specific configuration files such as data service configurations, there are slight differences in the steps , as illustrated belowmay vary.

WSO2 Data Services Server provides the feature to securely store sensitive data such as password fields in data service configuration files, using the Secure Vault functionality. Users can encrypt their passwords using tokens instead of the actual password inside the data service configuration file. This guide will explain you The instructions below explain how to secure your password passwords in a data-source configuration. 

Step 1 - . Run ciphertool script from <CARBON_HOME>/bin directory

  • Linux: sh ciphertool.sh -Dconfigure
  • Windows: ciphertool.bat -Dconfigure

...

Step 2 - Encrypt . To encrypt the plain text using ciphertool

 

Again , run the ciphertool script again without '-Dconfigure' option.

It will ask for the KeyStore Password of the running Carbon Serverinstance. The default value of the KeyStore password is 'wso2carbon'. Then provide the plain text value that need needs to be encrypted . It and the tool will return you the encrypted text value.

Image Added

3. Update the <CARBON_HOME>/repository/conf/security/cipher-text.properties file by adding a new alias (any name of your preference) and the encrypted value. For example,

Code Block
DSS.Samples.DB.Pwd=d6RmzIGebavMJULd1F2FBjIz0jKw469xwB7LRZF8q50alZ+wr6ueQOGudXz/csK5/srP3us2aI9w\nm/mW+j/P+lWad3g7kgah8koBxSxfM/W911vl9ipcndxfBl4tT0gi/AS1PEqzOhdrI34mrrEiOId7\nov/aWbQ7fm6ChAOz6Ak\=

4. Log on to the product's management console and select  "Data Services -> Create" under the "Main" menu.

Image Added

5. The "Create Data Service" page appears. Fill in the fields and click "Next". The Data Service name is mandatory.

Image Added

6. The "Add New Data Source" page appears. Fill in the fields accordingly.

Select the "Use as Secret Alias" option. In the "Password" filed, provide the alias name instead of the actual password.

Image Added

7. The namespace and alias will be added to the .dbs file as follows.

Image Added

Excerpt
hiddentrue

Instructions to secure passwords in Data Services configuration files.