ESP provides two utilities for encryption, esp_cluster_admin and esp_encrypt. These utilities support password encryption for internal adapter, service, cluster, and project configuration files. Event Stream Processor also provides the encrypt.sh and encrypt.bat scripts for encrypting passwords in external adapter configuration files.
$ESP_HOME/bin/esp_cluster_admin --uri=esp[s]://<host>:<port> --username=<user-name> --password=<password>The esp_encrypt utility encrypts passwords in the cluster and for the web services provider, as well as cluster SSL files. Call it from a command line:
$ESP_HOME/bin/esp_encrypt [options...]For more information on the utilities and their supported commands, see the Utilities Guide.
Event Stream Processor provides a pair of scripts useful for encrypting external adapter configuration values and testing decryption of the encrypted values.
The encrypt.sh/bat and decrypt.sh/bat are available at $ESP_HOME/adapters. These are independent utilities that can encrypt or decrypt using any independent keystore. Values you need to supply include keystore, alias, and the keystore password.
| Encrypt... | In the file... | Using the utility or script... |
|---|---|---|
| Cache password | <node-name>.xml | esp_encrypt |
| Keystore password | <node-name>.xml | esp_encrypt |
| Key password | <node-name>.xml | esp_encrypt |
| Project configuration file (CCR) password | <project-name>.ccr | esp_cluster_admin |
| Adapter CNXML file password | <adapter>.cnxml | esp_cluster_admin |
| Database service configuration file password | service.xml | esp_cluster_admin |
| SSL files (server.key and server.crt) | <node-name>.xml (referenced only) | esp_encrypt |
| Java external adapter configuration file password | encrypt.sh or encrypt.bat | |
| Adapter configuration files | adapter.xml; adapter_config.xml | encrypt.sh or encrypt.bat |
| Web services provider keystore password | esp_wsp.xml | esp_encrypt |