Oracle® Business Intelligence Enterprise Edition Deployment Guide > Using the CryptoTools Utility >

Credstore Sub-Commands


The supported sub-command for CryptoTools is credentialstore (or credstore).

This sub-command is used to manipulate the credential store XML file. It can be used to add, remove and overwrite credentials from the XML file. It can also be used to create a new credential store file.

NOTE:  The use of other CryptoTools sub-commands is not supported.

Immediately following the credstore sub-command, an option must be specified. The sub-command options are shown in the following table.

NOTE:  The parameters may be passed on the command line. The user is prompted for any parameters not supplied on the command line.

Option
Description
Parameter
Param Description

new

Creates a new credential store file and adds a username/password credential to it.

outFile

The path to the new credential store file.

alias

The alias of the new credential.

username

The username for the new credential.

password

The password for the new credential.

passphrase

The passphrase used to encrypt the password.

noenc

If this option is specified, password encryption is disabled. If a passphrase is supplied on the command line, this parameter is ignored and encryption is enabled.

writePassphrase

Whether or not to embed the encryption passphrase into the final XML. For security reasons, it is recommended that the passphrase not be written in the file, since unauthorized access to the credential store file will reveal the user password. Instead, the encryption passphrase should be supplied in the Oracle BI configuration files. For more information, see chapter Oracle Business Intelligence BI Presentation Services Credential Store in this guide.

add

Adds a new username and encrypted password credential to a credential store file. The parameters for this command are identical to those for the new command with the additions shown. All required parameters are supplied on the command line.

inFile

The path and the file name of an existing credential store file. If no such file exists, the tool starts with an empty credential store, thus making this command equivalent to the new command.

outFile

The path where the resultant store is written. If this is not supplied, the tool defaults to the path and file supplied with the inFile parameter.

addx509

Adds a new X.509 credential to a credential store file.

inFile

The path and file name of an existing credential store file. If no such file exists, the tool starts with an empty credential store.

outFile

The path where the resultant store is written. If this is not supplied, the tool defaults to the path and file supplied with the inFile parameter.

alias

The alias of the new credential.

certfile

The path to a PEM or ASN1 encoded certificate file.

certencoding

The encoding for the certificate file. If not supplied, no explicit encoding is stored in the credential store, and an encoding is guessed at runtime based on the filename.

keyfile

The path to a PEM or ASN1 encoded (possibly encrypted) private key file.

keyencoding

The encoding for the key file. If not supplied, no explicit encoding is stored in the credential store, and an encoding is guessed at runtime based on the filename.

keypass

If the private key file is encrypted and the user wants to embed the passphrase for decryption right into the credential store XML file, then this parameter is required. For security reasons, it is recommended that this not be done since unauthorized access to the credential store file will reveal the private key. Instead, supply the encryption passphrase in the Oracle BI configuration files. For more information, see Oracle BI Presentation Services Credential Store.

remove

Removes a credential identified by the alias from an existing file.

inFile

The path and file name of an existing credential store file.

alias

The alias of the credential to be removed.

 

 

list

Lists all entries in an existing credential store file.

inFile

The path to an existing credential store file.

Oracle® Business Intelligence Enterprise Edition Deployment Guide Copyright © 2006, Oracle. All rights reserved.