- Instructions to use Cypher Tool to encrypt user credentials and place them in dse_config.properties file:
1)Download “CypherTool.jar” file.
2)Place the “CypherTool.jar” in the same user defined folder where dse_config.properties file is located ($DSE_HOME)
3)Open command prompt and navigate to the folder where “CypherTool.jar” is located.
4)Copy and paste the following statement in the command prompt, updating values in [] as detailed below:
java -cp ./CypherTool.jar gov.epa.apps.tools.CypherGenerator [Client] [State_Code] [Type] [Credential]
Field / Description[Client] / Valid Values:
state
batch
s2c
c2s
[State_Code] / Two character Primacy Agency code associated with user account
[Type] / Valid Values:
usr
pwd
[Credential] / User name or password for Encryption
The following table shows examples of the different values that can be entered in the cypher tool and the corresponding variable in the dse_config.properties file:
[Client][State_Code][Type][Credential] / dse_config.properties Variablejava -cp ./CypherTool.jar gov.epa.apps.tools.CypherGenerator state [State_Code] usr{state db username} / state.db.username
java -cp ./CypherTool.jar gov.epa.apps.tools.CypherGenerator state [State_Code] pwd{state db password} / state.db.password
java -cp ./CypherTool.jar gov.epa.apps.tools.CypherGenerator batch [State_Code] usr{batch db username} / batch.jdbc.user
java -cp ./CypherTool.jar gov.epa.apps.tools.CypherGenerator batch [State_Code] pwd{batch db password} / batch.jdbc.password
java -cp ./CypherTool.jar gov.epa.apps.tools.CypherGenerator s2c [State_Code] usr{SCS state admin username} / s2c.rest.uid
java -cp ./CypherTool.jar gov.epa.apps.tools.CypherGenerator s2c [State_Code] pwd{SCS state admin password} / s2c.rest.pwd
java -cp ./CypherTool.jar gov.epa.apps.tools.CypherGenerator c2s [State_Code] usr{SCS state admin username} / c2s.rest.uid
java -cp ./CypherTool.jar gov.epa.apps.tools.CypherGenerator c2s [State_Code] pwd{SCS state admin password} / c2s.rest.pwd
Note: Values are CASE sensitive and will produce a different key for UPPER and LOWER case values.
5)Update the statement in the command prompt and hit <enter> to get the encrypted value
- Below screenshot shows the command and result in command prompt
- “plain-text” and “decr-text” should show the original value. If they are the same “verified” will be true, else false.
The encrypted key (value following “encr-text”) should be copied into the dse_config.properties file as noted in table above
*******
- Below instruction are for users who are having trouble copying “encr-text” from the command prompt.
1)Download “DSE_encrypt.bat” file and place it in user definedfolder where “CypherTool.jar” is located ($DSE_HOME)
2)Open “DSE_encrypt.bat” in notepad++ and replace all values with squarebraces [] with actual values
Note: Refer to step 4 in the above section (I.) for help with replacing values.
3)Open command prompt and navigate to the user defined folder where “DSE_encrypt.bat” file is saved
4)Execute the following command, replacing curly braces with actual values:
DSE_encrypt.bat > {NameOfOutputFile}
5)Eg:
6)The ({NameOfOutputFile}) will be generated in user defined folder and contain all the encrypted credentials
7)Make sure to delete the ({NameOfOutputFile}) once all encrypted values are copied to “dse_config.properties”, as it contains the encrypted information.