Encrypt Passwords

OpenText recommends that you encrypt all passwords that you enter into a configuration file.

Create a Key File

A key file is required to use AES encryption. You can use this key file for password encryption, and you can use it in the SecurityInfoKeys configuration parameter to encrypt and decrypt IDOL security information.

CAUTION: To keep your passwords secure, you must protect the key file. Set the permissions on the key file so that only authorized users and processes can read it. IDOL Proxy Component must be able to read the key file to decrypt passwords, so do not move or rename it.

Encrypt a Password

The following procedure describes how to encrypt a password.

Decrypt a Password

The following procedure describes how to decrypt a password.

Encrypt Secrets with HashiCorp Vault

The following procedure describes how to use the autpassword utility to encrypt secret parameter values with a HashiCorp Vault Transit secrets engine. The encryption key is stored in the Vault, and the IDOL component can use HashiCorp Vault to decrypt the value when it is needed.