To migrate encrypted passwords on the Windchill RV&S Server
The following procedure outlines the syntax for encryptpassword where no options are specified and you are presented with a text menu to guide you through the migration process.
|
Since all passwords from configuration properties file are encrypted, ensure that there is a process established at your site to safely record or backup the passwords in plain text. By implementing this process, system passwords are available only for the required users.
|
1. Stop the Windchill RV&S server.
2. From the installdir/bin directory, run the following command:
encryptPassword
or
./encryptPassword
In interactive mode, the following options display:
1) Encrypt the existing passwords
2) Change the encrypted passwords
3) Exit
3. To start the encryption process, enter
1. A message is posted to indicate that encrypted passwords are being configured. Any conversion back to a plain text password system must be configured manually. For more information on reverting to plain text server-side passwords, see
“Reverting to Plain Text Server-side Passwords”.
4. To proceed with the encryption, enter y. The application runs and encrypts the target server-side passwords.
Once the application has completed, a confirmation message displays. If this is the first time you have run the encryptPassword application, the is.properties file is stamped with the following flag:
global.encrypt=true
|
After running this application, the encryption.jceks keystore is created automatically in the installdir\data\security\store\ directory. Similarly, the keystore password file secret.key is added to the installdir\data\security\key\ directory. Ensure that this key is manually secured.
|
5. Restart the Windchill RV&S server.