Using the PSCipher Utility

The PSCipher feature encrypts and decrypts text used in your PeopleSoft system. System administrators interact with PSCipher through a Java, command line utility located on the web server, which enables you to encrypt text, such as user IDs and passwords, stored in configuration files. PSCipher also involves a runtime element, running on the application server, that decrypts the encrypted text. The runtime element requires no user interaction.

In previous releases, PSCipher was used, for example, to secure the node IDs and node passwords used in conjunction with PeopleSoft Integration Broker configurations. You can now use the PSCipher command line utility to encrypt (AES) a variety of text values stored in various configuration files throughout your system. In addition, PSCipher also provides:

  • Key generation: You can generate unique encryption keys if you do not want to use the default key.

  • Version maintenance: The key file maintains a version history of all previous versions of the key file, which enables text encrypted with a previous version to be decrypted.

Note: PSCipher decrypts text encrypted in previous releases. For example, PSCipher in Enterprise PeopleTools 8.50 supports text encrypted with PSCipher in Enterprise PeopleTools 8.46.

To encrypt text, you submit text values in the form of arguments that PSCipher encrypts and then displays in its encrypted form. Suppose you needed to encrypt a user ID of "HRDMO" and a password of "DMOPSWD". You would submit these values to PSCipher as follows:

...\pscipher HRDMO


...\pscipher DMOPSWD

PSCipher returns the encrypted form of these submitted text values, which you can then copy to a configuration file to assign to a configuration parameter.

Note: This same procedure will need to be applied whenever you intend to encrypt text using PSCipher. Note that in the following sections of this document it is assumed that you understand how to encrypt the text value.