Controlling SSL Encryption for the PowerDesigner Portal

All passwords saved in the repository configuration files are encrypted and are decrypted at runtime. User passwords are encrypted when making connection to the repository.

The default keys used for the encryption and decryption process are saved in the following file:

install_dir/keystore/common.keystore

For security purposes, we recommend that you generate your own key and keystore file. The keystore information is saved in the following file:

install_dir/keystore/config/cmrcommon.xml

This file contains the following XML structure:

<cmrcommon>
	<!-- Keystore Configuration -->
	<bean class="java.lang.Object" id="cmr.common.config.keystore">
		<!-- if value is empty, default to cmr home\keystore folder -->
		<param name="keyStoreFilePath" value=""/>
		<param name="keyStoreFileName" value="common.keystore"/>
		<param name="keyStoreAlias" value="cmrenkey"/>
		<param name="keyStorePassword" value="changeit"/>
	</bean>
</cmrcommon>

You can edit the following nodes:

You can use the following command to generate a 512 byte key and keystore file:

JDK_HOME\bin\keytool -genkey -keyalg RSA -keysize 512 –alias keyStoreAlias -keypass keyStorePassword -keystore keyStoreFilePath\keyStoreFileName -storepass keyStorePassword

For example: to generate a new key using the default values specified in the cmrcommon.xml file:

JDK_HOME\bin\keytool –genkey –keyalg RSA –keysize 512 –alias cmrenkey –keypass changeit –keystore install_dir\keystore\common.keystore –storepass changeit
Note: All PowerDesigner Portal web application layer installations that need to connect to a PowerDesigner Portal Server must use the same keyStore file.