fteObfuscate: encrypt sensitive data
The fteObfuscate command encrypts sensitive data in credentials files. This stops the contents of credentials files being read by someone who gains access to the file.
Purpose
User name and password properties in credentials files can be obfuscated. These properties are transformed to a new related property, with a Cipher suffix. For example:<!-- MQMFTCredentials properties before --> <tns:logger name="logger1" user="user1" password="passw0rd" /> <tns:file path="$HOME/trust.jks" password="passw0rd" /> <!-- MQMFTCredentials properties after --> <tns:logger name="logger1" userCipher="e71vKCg2pf" passwordCipher="se71vKCg" /> <tns:file path="$HOME/trust.jks" passwordCipher="e71vKCg2pf" /> <!-- ProtocolBridgeCredentials Properties before --> <tns:user name="Fred" serverUserId="fred" serverPassword="passw0rd" /> <!-- ProtocolBridgeCredentials properties after --> <tns:user name="Fred" serverUserIdCipher="e51vVCg2pf" serverPasswordCipher="se51vBCg" /> <!-- ConnectDirectCredentials properties before --> <tns:user name="fteuser" ignorecase="true" pattern="wildcard" cdUserId="cdUser" cdPassword="cdPassword" pnodeUserId="pnodeUser" pnodePassword="pnodePassword"> <tns:snode name="snode1" pattern="wildcard" userId="snodeUser" password="snodePassword"/> </tns:user> <!-- ConnectDirectCredentials properties after --> <tns:user name="fteuser" ignorecase="true" pattern="wildcard" cdUserIdCipher="e71vKCg2pf" cdPasswordCipher="se71vKCg" pnodeUserIdCipher="2f1vgCg6df" pnodePasswordCipher="e71vKCg2pf"> <tns:snode name="snode1" pattern="wildcard" userIdCipher="e51vVCg2pf" passwordCipher="se51vBCg"/> </tns:user>
Syntax
fteObfuscate
Parameter
- -credentialsFile
- Required. Name of the credentials file whose contents will be obfuscated.
- -? or -h
- Optional. Displays command syntax.
Example
In this example, the MQMFTCredentials.xml contents are obfuscated.fteObfuscate -credentialsFile /home/fteuser/MQMFTCredentials.xml
Return codes
- 0
- Command completed successfully.
- 1
- Command ended unsuccessfully.