runamscred: protect Java AMS keywords
The runamscred command protects passwords inside Java AMS configuration files.
Purpose
The runamscred command uses the encryption key contained in the file, indicated by one of four options. In order of priority, these are the:- -sf parameter
- MQS_AMSCRED_KEYFILE environment variable
- amscred.keyfile parameter in the configuration file
- Default initial key file if none of the above options is specified.
We should not use this last option.
Syntax
runamscred
Parameters
- -f config_file
- Required. Path to the keystore configuration file to protect
- -sp int
- Optional. Algorithm to use for protecting passwords. The value can be:
- 0
- Use the deprecated credentials protection method.
- 1
- Default. Use the more secure credentials protection method.
- -sf keyfile
- Optional. Path to a file containing the initial key.
- -h
- Optional. Displays command syntax.
Examples
To encrypt a password in the /home/alice/keystore.conf configuration file using the new algorithm, and store it in the new format, issue the following command:runamscred -f /home/alice/keystore.confTo encrypt a password in the /home/alice/keystore.conf configuration file, using an initial key in the /etc/secure/alice_initial.key file, together with the new algorithm, and store it in the new format, issue the following command:
runamscred -sf /etc/secure/alice_initial.key -f /home/alice/keystore.confTo encrypt a password in the C:\Users\alice\keystore.conf configuration file using the new algorithm, and store it in the new format, issue the following command:
runamscred -f C:\Users\alice\keystore.confTo encrypt a password in the C:\Users\alice\keystore.conf configuration file, using an initial key in the C:\secure\alice_initial.key file, together with the new algorithm, and store it in the new format, issue the following command:
runamscred -sf C:\secure\alice_initial.key -f C:\Users\alice\keystore.conf
Return codes
- 0
- Command completed successfully.
- 1
- Command ended unsuccessfully.
Related information