agentadmin --getEncryptKey

This section demonstrates the format and use of the agentadmin command with the --getEncryptKey option.

Example 2–13 Command Format: agentadmin --getEncryptKey

The following example illustrates the format of the agentadmin command with the --getEncryptKey option:

./agentadmin --getEncryptKey

No arguments are currently supported with the agentadmin command when using the --getEncryptKey option.

Example 2–14 Command Usage: agentadmin --getEncryptKey

This option may be used in conjunction with the --encrypt option to encrypt and decrypt sensitive information in the J2EE agent AMAgent.properties configuration file. Issuing the agentadmin command with the --getEncryptKey option generates a new encryption key for the J2EE agent.

For example, the following text demonstrates the type of output that would result from issuing this command:

./agentadmin -getEncryptKey


Agent Encryption Key : k1441g4EejuOgsPlFOSg+m6P5x7/G9rb

The encryption key is stored in the J2EE agent AMAgent.properties configuration file. Therefore, once you generate a new encryption key, use it to replace the value of the property that is currently used to store the encryption key. The following property in the J2EE agent AMAgent.properties configuration file stores the encryption key:

com.sun.identity.client.encryptionKey

For example, using the encryption key example provided previously, updating the encryption key value in the J2EE agent AMAgent.properties configuration file could appear as follows:

com.sun.identity.client.encryptionKey = k1441g4EejuOgsPlFOSg+m6P5x7/G9rb

Once you have updated the J2EE agent AMAgent.properties configuration file with the new encryption key, issue the agentadmin --encrypt command to actually encrypt a password. The --encrypt option uses the encryption key in its processing.