This section demonstrates the format and use of the agentadmin command with the --getEncryptKey option.
The following example illustrates the format of the agentadmin command with the --getEncryptKey option:
./agentadmin --getEncryptKey |
No arguments are currently supported with the agentadmin command when using the --getEncryptKey option.
This option may be used in conjunction with the --encrypt option to encrypt and decrypt sensitive information in the OpenSSOAgentBootstrap.properties file. Issuing the agentadmin command with the --getEncryptKey option generates a new encryption key for the agent.
For example, the following text demonstrates the type of output that would result from issuing this command:
./agentadmin -getEncryptKey Agent Encryption Key : k1441g4EejuOgsPlFOSg+m6P5x7/G9rb |
The encryption key is stored in the OpenSSOAgentBootstrap.properties file. Therefore, once you generate a new encryption key, use it to replace the value of the property that is currently used to store the encryption key. The following property in the OpenSSOAgentBootstrap.properties file stores the encryption key:
com.sun.identity.agents.config.key
For example, using the encryption key example provided previously, updating the encryption key value for the applicable agent property could appear as follows:
com.sun.identity.agents.config.key = k1441g4EejuOgsPlFOSg+m6P5x7/G9rb
Once you have updated the OpenSSOAgentBootstrap.properties file with the new encryption key, issue the agentadmin --encrypt command to actually encrypt a password. The --encrypt option uses the encryption key in its processing.