Hardening

Caution Using this feature in an exisiting configuration can break your Trustbuilder configuration.

Adding more security to the TrustBuilder Passwords is a good practice to a more secure installation. When using a password key file , TrustBuilder uses the key as a symmetric key encryption.

JVM Parameters

This feature is enabled through adding a JVM Option. The file must be readable for the Application Server. It can either be in a file or as a string in JNDI

-DTB_MASTER_PASSWORD=file:/etc/trustbuilder.password
-DTB_MASTER_PASSWORD=jndi:TB_PASSWORD

Password usage with TBtools

To use the symmetric key encryption / decryption with TBtools you must set the file containing the secret as an environment key. export TBMASTERPASSWORD=/etc/trustbuilder.password