Updating the Encryption Key on IBM WebSphere

On IBM WebSphere, PSCipher.bat and psvault key file are stored in the following location:

<PIA_HOME>\webserv\<Node_Server>\<APPLICATION>.ear

To update the encryption key:

  1. Run <PIA_HOME>\webserv\<Node_Server>\<APPLICATION>.ear PSCipher –buildkey to create a new key in the key file.

    For example,

    c:\>cd ptinstall\webserv\DS9Node_DS9Node_server1\peoplesoft.ear 
c:\ptinstall\webserv\DS9Node_DS9Node_server1\peoplesoft.ear>PSCipher.bat -buildkey
Your environment has been set.
A new key of version {V1.2} is generated successfully

  2. Copy <PIA_HOME>\webserv\<Node_Server>\<APPLICATION>.ear\psvault to the equivalent location on all other web server hosts and to <PS_HOME>\secvault\psvault on all application servers in your system.

  3. Modify the encrypted text fields as described in the following sections.

The configuration.properties file is located in the following directory:

<PIA_HOME>\webserv\<Node_Server>\<APPLICATION>.ear\PORTAL\WEB-INF\psftdocs\ps\

The following encrypted text values in the configuration.properties file need to updated:

WebUserId={V1.1}et5LM5/C2fQPVWt5cztapg==
WebPassword={V1.1}et5LM5/C2fQPVWt5cztapg==

Submit the values for these properties to PSCipher, and copy the generated encrypted text to the WebUserID and WebPassword properties in the configuration.properties file, overwriting any previous value assigned to the property.

On the Integration Gateway, you need to modify the following files:

  • gatewayUserProfile.xml

  • integrationGateway.properties

The gatewayUserProfile.xml file is located in the following directory:

<PIA_HOME>\webserv\<Node_Server>\<APPLICATION>.ear\PSIGW\WEB-INF\

In the gatewayUserProfile.xml file, update the following text value:

<password>{V1.1}GD9klUFw8760HVaqeT4pkg==</password>

Note: There can be more than one password field in this file. There could be different <password></password> entries for different users. You should use PSCipher to encrypt all <password></password> entries.

Submit the values for these properties to PSCipher, and copy the generated encrypted text to the <password></password> entry in the gatewayUserProfile.xml file, overwriting any previous value.

The integrationGateway.properties file is located in the following directory:

<PIA_HOME>\webserv\<Node_Server>\<APPLICATION>.ear\PSIGW\WEB-INF\

Update the following text values stored in the integrationGateway.properties file.

Note: If you are not currently assigning a value to one of the following properties, you don't need to supply a value.

  • ig.isc.password=

  • ig.isc.$NODENAME.password=

  • #ig.certificatePasswd=

  • secureFileKeystorePasswd=

  • #ig.jms.JMSTargetConnector.JMSProvider.Password=

  • # ig.jms.Queue1.Password=

  • # ig.jms.Topic1.Password=

  • #ig.jms.Topic1.NodePassword=

Submit the values for these properties to PSCipher, and copy the generated encrypted text to the corresponding entries in the integrationGateway.properties file, overwriting any previous value.

You need to update the wss.properties file used for Web Services Remote Portal (WSRP) and Web Services Security (WSS).

The wss.properties file needs to be updated in the following locations:

  • ...applications/peoplesoft/PSIGW.war\WEB-INF\classes (for Weblogic)

  • <PIA_HOME>\webserv\<Node_Server>\<APPLICATION>.ear\PSIGW.war\WEB-INF\classes (for Websphere)

Update the following text entry in the wss.properties file in both locations:

org.apache.ws.security.crypto.merlin.keystore.password=

Submit each password value to PSCipher, and copy the generated encrypted text to the corresponding entries in the wss.properties file, overwriting any previous value.