Hardening
Password encryption
Caution Using this feature in an exisiting configuration can break your Trustbuilder configuration.
Adding more security to the TrustBuilder Passwords is a good practice to a more secure installation. When using a password key file , TrustBuilder uses the key as a symmetric key encryption.
JVM Parameters
This feature is enabled through adding a JVM Option. The file must be readable for the Application Server. It can either be in a file or as a string in JNDI
-DTB_MASTER_PASSWORD=file:/etc/trustbuilder.password
-DTB_MASTER_PASSWORD=jndi:TB_PASSWORD
Password usage with TBtools
To use the symmetric key encryption / decryption with TBtools you must set the file containing the secret as an environment key. export TBMASTERPASSWORD=/etc/trustbuilder.password
Comments
Please sign in to leave a comment.