The important facts to know about cipher tool
1 min readNov 19, 2017
- When encrypting the passwords of WSO2 products can follow the documentation [1].
[1]. https://docs.wso2.com/display/ADMIN44x/Encrypting+Passwords+with+Cipher+Tool
- But, there are some important facts to know when using cipher tool.
* Need to consider the alias which used for the passwords.
This is based on WSO2 Identity Server 5.3.0
- When encrypting Userstore ConnectionPassword, should use UserStoreManager.Property.ConnectionPassword as the alias when mentioning the alias in <CARBON_HOME>/repository/conf/security/cipher-tool.properties file.
- If you include a backslash (\) within the ConnectionPassword, need to use two backslashes. Because cipher tool escapes the backslash.
As an example, if you need to encrypt like admin@\123 password as the userstore ConnectionPassword, need to set the ConnectionPassword of cipher-text.properties file in <CARBON_HOME>/repository/conf/security folder as admin@\\123 (with the two backslashes).
This is based on WSO2 API Manager 2.1.0.
- When encrypting the keyStorePassword of <API_HOME>/repository/conf/data-bridge/data-bridge-config.xml file, need to use alias as the DataBridge.Config.keyStorePassword.
This is based on WSO2 EI 6.0.0 and WSO2 EI 6.1.1
- When executing the cipher tool to encrypt passwords, on WSO2 EI 6.1.1 from <EI_HOME>/bin directory got the following error.
- And also when executing the cipher tool to encrypt passwords, on WSO2 EI 6.1.1 as a BPS Profile from <EI_HOME>/wso2/business-process/bin, got the following error.
Exception in thread “main” org.wso2.ciphertool.exception.CipherToolException: File, cipher-standalone-config.properties does not exist.
at org.wso2.ciphertool.utils.Utils.setSystemProperties(Utils.java:247)
at org.wso2.ciphertool.CipherTool.initialize(CipherTool.java:93)
at org.wso2.ciphertool.CipherTool.main(CipherTool.java:52)
- So, need to execute the cipher tool from the <EI_HOME> directory and for EI as a BPS Profile, from <EI_HOME>/wso2/business-process directory using sh bin/ciphertool.sh -Dconfigure command.
