test

Sun OpenSSO Enterprise Policy Agent 3.0 User's Guide for J2EE Agents

agentadmin --encrypt

This section demonstrates the format and use of the agentadmin command with the --encrypt option.

Example 3–14 Command Format: agentadmin --encrypt

The following example illustrates the format of the agentadmin command with the --encrypt option.


./agentadmin --encrypt AgentInstance-Dir agentpasswordfile

The following arguments are supported with the agentadmin command when using the --encrypt option:

AgentInstance-Dir

Use this option to specify which agent instance directory, therefore which agent instance such as Agent_002, for which the given password file will be encrypted. Encryption functionality requires that an encryption key be available for an agent instance. Therefore, a default encryption key can be assigned by the agent during agent installation. You can also assign an encryption key yourself. The encryption key is stored in the OpenSSOAgentBootstrap.properties file. For example:

am.encryption.pwd = EphgFHmF6X3XmMjYGCUtYHSYA9C7qQlk
agentpasswordfile

Use this option to specify the full path to the password file that contains a clear text agent password to be encrypted.

The password file should be created as an agent pre-installation task.

Example 3–15 Command Usage: agentadmin --encrypt

Issuing the agentadmin command with the --encrypt option enables you to change the password for an existing agent profile in OpenSSO Enterprise after the agent is installed.

For example, issuing the following command encrypts the password file, pwfile1 for the agent instance directory Agent_001:


./agentadmin --encrypt Agent_001 pwfile1

The following is an example of an encrypted value:


ASEWEJIowNBJHTv1UGD324kmT==

Each agent uses a unique agent ID and password to communicate with OpenSSO Enterprise. Once the agent profile for a specific agent has been created in OpenSSO Enterprise, the installer assigns the Policy Agent profile name and encrypted password in the respective agent instance. If you choose a new password for the Policy Agent profile, encrypt it and enter that encrypted password in the OpenSSOAgentBootstrap.properties as the value for the following property:


com.iplanet.am.service.secret