Thursday, August 16, 2012

How to encrypt axis2.xml passwords with secure vault

The passwords in xml files (eg: axis2.xml) can be secured from secure vault.
 
Locate cipher-text.properties which can be found at <CARBON_HOME>/repository/conf directory in your WSO2 product. This file contains the alias names and the corresponding plain text password in square brackets.

If you can not find this file in your product,  download it from this [1] svn location.

Configure cipher-text.properties file with your passwords.

The following entry should be added in order to secure the password in axis2.xml
Axis2.Https.Listener.KeyStore.KeyPassword=[wso2carbon]

Locate "ciphertool" script which can be found at <CARBON_HOME>/bin directory. If you can not find this file in your product,  download it from [2] svn location and copy to above location.

Run "ciphertool" script with -Dconfigure option. eg: ciphertool.sh -Dconfigure

The passwords (in axis2.xml) should be encrypted now.

Start the server. In startup, the master password is required. (wso2carbon).

More details available at [3] and [4]

[1] https://svn.wso2.org/repos/wso2/branches/carbon/3.2.0/core/distribution/3.2.0/carbon-home/repository/conf/cipher-text.properties
[2] https://svn.wso2.org/repos/wso2/branches/carbon/3.2.0/core/distribution/3.2.0/carbon-home/bin/
[3] http://pathberiya.blogspot.com/2012/08/secure-plain-text-passwords-in-wso2.html
[4] http://wso2.org/project/carbon/3.2.0/docs/secure_vault.html

No comments:

Post a Comment