All passwords saved in the repository configuration files are encrypted and are decrypted at runtime. User passwords are encrypted when making connection to the repository.
The default keys used for the encryption and decryption process are saved in the following file:
install_dir/keystore/common.keystore
For security purposes, we recommend that you generate your own key and keystore file. The keystore information is saved in the following file:
install_dir/keystore/config/cmrcommon.xml
This file contains the following XML structure:
<cmrcommon> <!-- Keystore Configuration --> <bean class="java.lang.Object" id="cmr.common.config.keystore"> <!-- if value is empty, default to cmr home\keystore folder --> <param name="keyStoreFilePath" value=""/> <param name="keyStoreFileName" value="common.keystore"/> <param name="keyStoreAlias" value="cmrenkey"/> <param name="keyStorePassword" value="changeit"/> </bean> </cmrcommon>
You can edit the following nodes:
keyStoreFilePath – Specifies the path to the keystore file. Default value: install_dir/keystore/.
keyStoreFileName – Specifies the name of the keystore file.
keyStoreAlias – [required] Specifies the name of the alias of the key in the keystore.
keyStorePassword – [required] Specifies the password to read the keystore.
You can use the following command to generate a 512 byte key and keystore file:
JDK_HOME\bin\keytool -genkey -keyalg RSA -keysize 512 –alias keyStoreAlias -keypass keyStorePassword -keystore keyStoreFilePath\keyStoreFileName -storepass keyStorePassword
For example: to generate a new key using the default values specified in the cmrcommon.xml file:
JDK_HOME\bin\keytool –genkey –keyalg RSA –keysize 512 –alias cmrenkey –keypass changeit –keystore install_dir\keystore\common.keystore –storepass changeit