Sun OpenSSO Enterprise Policy Agent 3.0 User's Guide for J2EE Agents

agentadmin --getEncryptKey

This section demonstrates the format and use of the agentadmin command with the --getEncryptKey option.

Example 3–16 Command Format: agentadmin --getEncryptKey

The following example illustrates the format of the agentadmin command with the --getEncryptKey option:

./agentadmin --getEncryptKey

No arguments are currently supported with the agentadmin command when using the --getEncryptKey option.

Example 3–17 Command Usage: agentadmin --getEncryptKey

This option may be used in conjunction with the --encrypt option to encrypt and decrypt sensitive information in the file. Issuing the agentadmin command with the --getEncryptKey option generates a new encryption key for the agent.

For example, the following text demonstrates the type of output that would result from issuing this command:

./agentadmin -getEncryptKey

Agent Encryption Key : k1441g4EejuOgsPlFOSg+m6P5x7/G9rb

The encryption key is stored in the file. Therefore, once you generate a new encryption key, use it to replace the value of the property that is currently used to store the encryption key. The following property in the file stores the encryption key:


For example, using the encryption key example provided previously, updating the encryption key value for the applicable agent property could appear as follows:

am.encryption.pwd = k1441g4EejuOgsPlFOSg+m6P5x7/G9rb

Once you have updated the file with the new encryption key, issue the agentadmin --encrypt command to actually encrypt a password. The --encrypt option uses the encryption key in its processing.