ThingWorx Flow > Installation and Configuration > Installing ThingWorx Flow > Storing the ThingWorx Flow Secret Keys in the ThingWorx Foundation KeyStore
Storing the ThingWorx Flow Secret Keys in the ThingWorx Foundation KeyStore
Prerequisites
Download the Security Management Tool from the PTC Support Site. To understand the usage and initialize the ThingWorx Foundation KeyStore, see Security Management Tool.
When ThingWorx Flow is installed on a different machine than ThingWorx Foundation, the ThingWorx Flow installer creates the Flowkeys.tar file in the same location where you had copied the ThingWorx Foundation platform_settings.json file. The Flowkeys.tar file contains the following files:
config.json
keyfile-key
keys.enc
Make a note of the location of the Flowkeys.tar file.
Steps
Complete the following steps to import the ThingWorx Flow secrets to the ThingWorx Foundation KeyStore:
1. Copy the Flowkeys.tar file to the machine where the ThingWorx Foundation KeyStore is available.
2. Unzip the contents of the Flowkeys.tar file to any directory on that machine.
3. Modify the config.json file, so that location points to the keys.enc file and keyfile-key-location points to the keyfile-key file.
....
"location": "./keys.enc",
"keyfile-key-location": "./keyfile-key"
....
4. Run the following command to import the ThingWorx Flow secrets to the ThingWorx Foundation KeyStore:
security-common-cli <Path-to-ThingWorx-KeyStore-config> import <Full-path-to-ThingWorx-Flow-KeyStore-config.json-file>
For example: ./security-common-cli keystore.conf import config.json
5. If you have rotated the ThingWorx Flow encryption key as described in Rotating the ThingWorx Flow encryption key, then run the following command to update the value of custom_active_encryption_key in the ThingWorx Foundation KeyStore:
security-common-cli <Path-to-ThingWorx-KeyStore-config> set custom_active_encryption_key "<Rotated-ThingWorx-Flow-encryption-key>"
6. If ThingWorx Foundation is already running, restart ThingWorx Foundation to reload the KeyStore.
Was this helpful?