LinkedIn
Copied!

Table of Contents

Enabling password encryption for BIX command-line extractions

Version:

Only available versions of this content are shown in the dropdown

Enable security for the database username and password by implementing a Java Cryptography Extension (JCE) keyring encryption. To do so, create a pegarules.keyring file and append the encryption information to your command-line extraction Java method.

Business Intelligence Exchange (BIX) command-line extract files store usernames and passwords within log and configuration files in plain text. Enabling password encryption for BIX command-line extractions stores usernames and passwords in an encrypted form.

For additional details on creating a keyring for other instances of database password, see article How To Encrypt Database Passwords Using a JCE Keyring file.

  1. Open the prconfig.xml file with your text and source-code editor, such as Notepad++.

  2. Below the line that contains the element <env name="database/databases/PegaDATA/password" value="a_password " />, add the following keyring prefix element to create the BIX-extract.kerying: <env name="identification/KeyringPrefix" value="BIX-extract" />

  3. Specify an encryption algorithm by adding the following identification/KeyringAlgorithm element:

  4. <env name="identification/KeyringAlgorithm" value="AES" />

  5. Specify the length of the key that you want to use to encrypt the file by adding the following identification/KeyringLength element:

  6. <env name="identification/KeyringLength" value="256" />

  7. Save and close the prconfig.xml file.

  8. Run your command-line extraction with the following changes:

    1. Add the KeyringImpl Java class: com.pega.pegarules.crpyto.KeyringImpl

    2. Add the directory and file name in which you want to generate the pegarules.keyring file.

      .\config\pegarules.keyring
    3. Add the directory location of the prconfig.xml file.

      .\config\prconfig.xml
    4. Add the Extract Java class and its distribution directory.

      C:\imp com.pega.pegarules.data.internal.access.ExtractImpl

    For details about running a command-line extraction process, see Running a BIX command-line extraction.

    Full encryption information:com.pega.pegarules.crpyto.KeyringImpl .\config\pegarules.keyring .\config\prconfig.xml C:\imp com.pega.pegarules.data.internal.access.ExtractImplFull command-line extraction with appended encryption information:java –Xms512m –Xmx768m –classpath".;lib\prbootstrap-api.jar;lib\prbootstrap.jar;lib\prdbcp.jar;lib\db2jcc_v95.jar;lib\jsr94-1.0.jar;$CLASSPATH$ -Dcom.pega.pegarules.bootstrap.properties.url=config\prbootstrap.properties -Dpegarules.config=config\prconfig.xml -Dpegarules.logging.configuration=config\prlog4j2.xml -Dcom.pega.pegarules.bootstrap.ignorejndi=true com.pega.pegarules.pub.PegaRULES com.pega.pegarules.crpyto.KeyringImpl .\config\pegarules.keyring .\config\prconfig.xml C:\imp com.pega.pegarules.data.internal.access.ExtractImpl -i PegaSample!SampleBIX

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.