This section demonstrates the format and use of the agentadmin command with the --getEncryptKey option.
The following example illustrates the format of the agentadmin command with the --getEncryptKey option:
./agentadmin --getEncryptKey |
No arguments are currently supported with the agentadmin command when using the --getEncryptKey option.
This option may be used in conjunction with the --encrypt option to encrypt and decrypt sensitive information in the J2EE agent AMAgent.properties configuration file. Issuing the agentadmin command with the --getEncryptKey option generates a new encryption key for the J2EE agent.
For example, the following text demonstrates the type of output that would result from issuing this command:
./agentadmin -getEncryptKey Agent Encryption Key : k1441g4EejuOgsPlFOSg+m6P5x7/G9rb |
The encryption key is stored in the J2EE agent AMAgent.properties configuration file. Therefore, once you generate a new encryption key, use it to replace the value of the property that is currently used to store the encryption key. The following property in the J2EE agent AMAgent.properties configuration file stores the encryption key:
com.sun.identity.client.encryptionKey
For example, using the encryption key example provided previously, updating the encryption key value in the J2EE agent AMAgent.properties configuration file could appear as follows:
com.sun.identity.client.encryptionKey = k1441g4EejuOgsPlFOSg+m6P5x7/G9rb
Once you have updated the J2EE agent AMAgent.properties configuration file with the new encryption key, issue the agentadmin --encrypt command to actually encrypt a password. The --encrypt option uses the encryption key in its processing.