Agents in the Policy Agent software set must authenticate with the OpenSSO Enterprise server in order for the two components to interact. To authenticate, the agent must provide its name (the agent profile name) and agent profile password. This password was established and encrypted as part of the web agent installation process. For more information, see Creating a Web Agent Profile in Policy Agent 3.0. However, you can change this password if you choose.
The agent profile password can be updated with a combination of configuration steps involving both the OpenSSO Enterprise Console and the OpenSSOAgentBootstrap.properties file. The agent profile password should originally be created either prior to agent installation. However, after you install a web agent, you can update the agent profile password at anytime.
The instructions that follow describe how to change agent profile password.
Using a browser, navigate through OpenSSO Enterprise Console to the web agent properties of the agent that you want to configure.
For the steps to navigate to the web agent properties, see To Navigate in the OpenSSO Enterprise 8.0 Console to the Web Agent Properties.
Update the agent profile password in the web agent properties section as described in the substeps that follow:
Update or create an agent profile password in a password file as described in the substeps that follow.
The password file should originally have been created as a web agent pre-installation task.
(Conditional) If an ASCII text agent password file does not already exist, create one .
For example, create a file such as the following: /tmp/pwf1
Using a text editor, enter in clear text on the first line, (or replace the original password, if one already exists with) the password you just updated in OpenSSO Enterprise Console.
In the command line, issue the agentadmin --encrypt command to encrypt the new password.
For example:
PolicyAgent-base/bin/agentadmin --encrypt Agent_001 /tmp/pwf1
The agentadmin program returns the new encrypted password with a message such as the following:
The encrypted value is: nMXvXoCgWAAbTomKJ6H5/g==
For more information on this command, see agentadmin --encrypt.
Copy the encrypted value that is returned.
Using a text editor of your choice, access the web agent OpenSSOAgentBootstrap.properties configuration file at the following location:
PolicyAgent-base/AgentInstance-Dir/config
In the bootstrap configuration file, edit the property for the agent password by pasting the encrypted password, and therefore replacing the original value of the encrypted password, as shown:
com.sun.identity.agents.config.password = encryptedPassword
where encryptedPassword represents the new encrypted password you created when you issued the agentadmin --encrypt command.
This property is set in a manner similar to the following:
com.sun.identity.agents.config.password = nMXvXoCgWAAbTomKJ6H5/g==
Restart the web agent container.
The container must be restarted for the changes to the bootstrap file to take effect.