+

Search Tips   |   Advanced Search

PropFilePasswordEncoder command reference

The PropFilePasswordEncoder command encodes passwords located in plain text property files. This command encodes both Secure Authentication Server (SAS) property files and non-SAS property files. After you encode the passwords, a decoding command does not exist.

If we need to custom encode passwords in property files, manually edit the PropFilePasswordEncoder.sh or PropFilePasswordEncoder.bat file before issuing this command. See the topic Implementing custom password encryption for a description of the lines to be added to this file.

To enable PropFilePasswordEncoder to print out more a debug message than in previous releases, update the command by entering the following: 

-Dcom.ibm.websphere.security.passwordEncoderDebug=true

(iSeries) To run this script, your user profile must have *ALLOBJ authority.


Syntax

The command syntax is as follows: 

PropFilePasswordEncoder "file_name" { passwordPropertiesList | -SAS } { -noBackup | -Backup } 
    [ -profileName profile ] [ -help | -? ]


Parameters

The following option is available for the PropFilePasswordEncoder command:

(iSeries) fileName

(iSeries) This required parameter specifies the name of the file in which passwords are encoded.

file_name

This required parameter specifies the name of the file in which passwords are encoded.

passwordPropertiesList

Required if we are encoding passwords in property files other than the sas.client.props file. Specify one or more password properties to encode. The password properties list should be delimited by commas.

-SAS

Required if we are encoding passwords in the sas.client.props file.

(iSeries) -profileName

(iSeries) Optional. The profile value specifies an application server profile name. The script uses the password encoding algorithm that it retrieves from the specified profile. If we do not specify this parameter, the script uses the default profile.

-noBackup

Optional and the default. The script does not create a backup file. The default value can be altered by adding following Java System Property: "-Dcom.ibm.websphere.security.util.createBackup=true".

-Backup

Optional. The script creates a backup file, <file_name>.bak, which contains passwords in clear text.

-profileName

Optional. The profile value specifies an application server profile name. The script uses the password encoding algorithm that it retrieves from the specified profile. If we do not specify this parameter, the script uses the default profile.

-help or -?

If specified, the script ignores all other parameters and displays usage text.

(iSeries) The following command encodes the passwords in the soap.client.props file for the default stand-alone application server profile: 

app_server_root/bin/PropFilePasswordEncoder
  profile_root/default/properties/soap.client.props
com.ibm.SOAP.loginPassword,com.ibm.ssl.keyStorePassword,com.ibm.ssl.trustStorePassword

These commands are displayed on multiple lines for illustrative purposes only.

  • Encoding passwords in files
  • (iSeries) Manually encoding passwords in properties files
  • Implement custom password encryption