1. Home
  2. Custom Installation
  3. Encrypting parameter file – falcon.properties
  1. Home
  2. Security
  3. Encrypting parameter file – falcon.properties
  1. Home
  2. How-To Guides
  3. Encrypting parameter file – falcon.properties

Encrypting parameter file – falcon.properties

Latest Version

Falcon Deploy property file encryption is available starting version 2.0.0. Please upgrade to latest version to use this functionality. It is available for Community and Enterprise Editions of Falcon Deploy.

It is recommended to do the steps below after you have validated your installation. You should have a working version of the application before you attempt to secure the setup. Falcon Deploy configures the properties file during post installation setup.

The properties are key=value pairs. We supply the key that has an existing value configured already. The wallet utility captures the value from the falcon.properties file using the supplied key, then encrypts and writes it back to the properties file.

Wallet Utility

Deploy the latest War file. Falcon Deploy will unpack the wallet application in ${FALCON_HOME}/bin

$ id
uid=11777(falcon) gid=11777(deploy) groups=11777(deploy),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
$ cd $FALCON_HOME/bin
$ ls -ltr
total 6364
-rw-rw----. 1 tomcat deploy 6361424 Sep 27 03:01 mysql
-rw-rw----. 1 tomcat deploy  148859 Sep 27 03:01 wallet_utl.jar

Wallet Password

Start by securing the wallet with a password. It is important that you remember the wallet password. Run the utility as shown below.

$ java -jar wallet_utl.jar
Enter new value for wallet password:******
Re-Enter new value for wallet password:******

Press Ctrl-C at any time to exit out of the menu. The wallet password is encrypted and stored in ${FALCON_HOME}/wallet_utl/cred.txt

Encrypt a property value

Use option 1 to encrypt a property value. Supply the key as the first input and value as the second input.

$ java -jar wallet_utl.jar
Enter wallet password for login:

Enter any of following option to continue
1. Set key
2. Reset key
3. Show key
4. Show all
5. Show key decrypt
6. Show all decrypt
7. Modify wallet password

Enter you option:1
Enter key:datasource.password
Enter value:<your-falcon-schema-password>
Value encrypted successfully.

Do you want to continue [y/n]?

Wallet Options

Here’s the list of functions available with the wallet utility.

  1. Set key – Use to encrypt a key=value pair.
  2. Reset key – Use to reset the parameter value to null.
  3. Show key – Use to show the value for given key. Value will be shown as it is stored in the file.
  4. Show all – Use to show all the key=value pairs.
  5. Show key decrypt – Use to show the decrypted value of a key.
  6. Show all decrypt – Use to decrypt and show all the key=value pairs.
  7. Modify wallet password – Use to change the wallet password.
Updated on September 27, 2019

Related Articles