Page Comparison

...

Use the osgi console encrypt command to encrypt a clear text password
1. Go to to the osgi console and type encrypt <password> and press return e.g.
  Code Block
  theme Midnight
  title Encrypting a password
  osgi> encrypt My$upaSekrutP@sswurd ENCKPXBCTMGGMKBGKPK
Copy the encrypted password from the console and paste it back into the configuration file replacing the original password
Code Block
language xml
title Before encrypting password
<username>bob</username> <password>My$upaSekrutP@sswurd<password>
Code Block
language xml
title After encrypting password
<username>bob</username> <password>ENCKPXBCTMGGMKBGKPK<password>

Info

The encryption key used to encrypt the passwords is stored in the file called private.key located in the Weave folder.

This file is generated the first time Weave starts and will be unique for each Weave instance, which means that encrypting the same password with different instances of Weave would result in different encrypted text.

This means that if you want to re-use the same configuration files on multiple Weave instances, for example development and production, then you need to either:

Copy the private.key file from the server where the passwords were encrypted to the other server, so the encryption/decryption key is the same on both instances.
Extract the passwords from being directly included in the XML and set them in a separate XML file that you include into your config and encrypt the passwords on both Weave instances and have the different passwords set in the password XML file.

Additionally, for extra security the permissions on that file should be set to only allow the users running the Weave instance to read the private.key file.

Info

Also refer to the following sections of the Weave System Administrator Guides:

Versions Compared

Old Version 4

New Version 5

Key

Related articles