How to encrypt LDAP admin password in RMS.CDD file used to start Rule Management Server

Article ID: KB0077127

Products Versions
TIBCO BusinessEvents Enterprise Edition 5.x

Description

The property be.auth.ldap.adminPassword does not currently accept a base64-encoded version of the password; it works when the password is provided as plain text. This is not ideal for users, who want to use an encrypted LDAP admin password in the RMS.cdd file.

Issue/Introduction

How to encrypt the LDAP admin password in the CDD file used to start Rule Management Server (RMS.cdd, property be.auth.ldap.adminPassword).

Environment

All Operating Systems

Resolution

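To encrypt the password, use the TIBCO BusinessEvents utility BE_HOME/studio/bin/studio-tools and execute the command below in a console. The clear-text password is given on the command line, so it may be recorded in the console's command history.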

<BE_HOME>/studio/bin/studio-tools --propFile <BE_HOME>/studio/bin/studio-tools.tra -crypto encrypt -i <password>

Example:
<BE_HOME>\studio\bin\studio-tools --propFile D:\tibco\be\5.5\studio\bin\studio-tools.tra -crypto encrypt -i testpassword
org.eclipse.m2e.logback.configuration: The org.eclipse.m2e.logback.configuration bundle was activated before the state location was initialized.  Will retry after the state location is initialized.
org.eclipse.m2e.logback.configuration: Logback config file: D:\tibco\be\5.5\studio\workspace\.metadata\.plugins\org.eclipse.m2e.logback.configuration\logback.1.7.0.20160603-1933.xml
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [bundleresource://1075.fwk1014091582:1/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [bundleresource://1075.fwk1014091582:2/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
SLF4J: Actual binding is of type [ch.qos.logback.classic.util.ContextSelectorStaticBinder]
org.eclipse.m2e.logback.configuration: Initializing logback
2019-09-25 17:22:08.037+0200 [main] INFO  c.t.security.impl.np.SecurityVendor - Initializing JSSE's crypto provider class com.sun.net.ssl.internal.ssl.Provider in default mode
#!FYr+8gUGb22YrEWeDnq2wVHfmmf7YAWagRG5Q/eqktRhatX7U5qwjw==

Update the RMS.cdd file with the returned password (property be.auth.ldap.adminPassword).
Example:
<property name="be.auth.ldap.adminPassword" value="!FYr+8gUGb22YrEWeDnq2wVHfmmf7YAWagRG5Q/eqktRhatX7U5qwjw=="/>

See the following documentation section for complete details on all the LDAP-specific properties in the RMS CDD:
https://docs.tibco.com/pub/businessevents-enterprise/5.5.0/doc/html/GUID-8CD3A456-73D3-4F4B-AC83-ECC675294C46.html
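
To confirm that no clear-text LDAP admin password remains in RMS.cdd after the update, the check below can be run against the file. It is an added example, not TIBCO code: the sample CDD layout is constructed, and "encrypted" is a heuristic based only on the two forms shown above ("!" or "#!" followed by base64).

```python
import base64
import binascii
import xml.etree.ElementTree as ET

PROPERTY = "be.auth.ldap.adminPassword"

# Constructed sample for illustration; a real RMS.cdd layout may differ (assumption).
SAMPLE_CDD = """<cluster xmlns="urn:example:cdd">
  <property-group name="auth">
    <property name="be.auth.type" value="ldap"/>
    <property name="be.auth.ldap.adminPassword" value="testpassword"/>
  </property-group>
</cluster>"""


def looks_encrypted(value):
    """Heuristic: True if value is '!' or '#!' followed by valid base64."""
    for prefix in ("#!", "!"):
        if value.startswith(prefix):
            body = value[len(prefix):]
            break
    else:
        return False  # no marker prefix, so treat the value as clear text
    try:
        # Require a minimum length so a short password starting with '!' is not accepted.
        return len(body) >= 16 and bool(base64.b64decode(body, validate=True))
    except (binascii.Error, ValueError):
        return False


def audit_cdd(xml_text, prop=PROPERTY):
    """Return 'missing', 'cleartext' or 'encrypted' for prop in a CDD document."""
    root = ET.fromstring(xml_text)
    status = "missing"
    for elem in root.iter():
        # Compare local names so the check works with or without an XML namespace.
        if elem.tag.rsplit("}", 1)[-1] == "property" and elem.get("name") == prop:
            if not looks_encrypted(elem.get("value", "")):
                return "cleartext"  # any clear-text occurrence is a finding
            status = "encrypted"
    return status


if __name__ == "__main__":
    print(PROPERTY, "->", audit_cdd(SAMPLE_CDD))
```

To audit a real file, pass its contents to audit_cdd() and treat any result other than "encrypted" as a finding.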

Additional Information

encrypt, ldap