Falcon Deploy property file encryption is available starting version 2.0.0. Please upgrade to latest version to use this functionality. It is available for Community and Enterprise Editions of Falcon Deploy.
It is recommended to do the steps below after you have validated your installation. You should have a working version of the application before you attempt to secure the setup. Falcon Deploy configures the properties file during post installation setup.
The properties are key=value pairs. We supply the key that has an existing value configured already. The wallet utility captures the value from the falcon.properties file using the supplied key, then encrypts and writes it back to the properties file.
Deploy the latest War file. Falcon Deploy will unpack the wallet application in
$ id uid=11777(falcon) gid=11777(deploy) groups=11777(deploy),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 $ cd $FALCON_HOME/bin $ ls -ltr total 6364 -rw-rw----. 1 tomcat deploy 6361424 Sep 27 03:01 mysql -rw-rw----. 1 tomcat deploy 148859 Sep 27 03:01 wallet_utl.jar
Start by securing the wallet with a password. It is important that you remember the wallet password. Run the utility as shown below.
$ java -jar wallet_utl.jar Enter new value for wallet password:****** Re-Enter new value for wallet password:******
Ctrl-C at any time to exit out of the menu. The wallet password is encrypted and stored in
Encrypt a property value
Use option 1 to encrypt a property value. Supply the key as the first input and value as the second input.
$ java -jar wallet_utl.jar Enter wallet password for login: Enter any of following option to continue 1. Set key 2. Reset key 3. Show key 4. Show all 5. Show key decrypt 6. Show all decrypt 7. Modify wallet password Enter you option:1 Enter key:datasource.password Enter value:<your-falcon-schema-password> Value encrypted successfully. Do you want to continue [y/n]?
Here’s the list of functions available with the wallet utility.
- Set key – Use to encrypt a key=value pair.
- Reset key – Use to reset the parameter value to null.
- Show key – Use to show the value for given key. Value will be shown as it is stored in the file.
- Show all – Use to show all the key=value pairs.
- Show key decrypt – Use to show the decrypted value of a key.
- Show all decrypt – Use to decrypt and show all the key=value pairs.
- Modify wallet password – Use to change the wallet password.