This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Password Encryption

Go to answer
Corrie_Kantowsk
Star Contributor
Star Contributor

‎03-21-2024 07:34 AM

According to the Perceptive Content Server Installation and Setup Guide Version: Foundation 22.2:

 

1) The password supplied in the odbc.user.password setting is consumed by the application for encryption in the odbc.user.password.encrypted setting.

 

2) The password supplied in the mq.password setting is consumed for encryption in the mq.password.encrypted setting. This value is encrypted and removed from the mq.password setting after running the inserver –encrypt-config command.

 

3) The password supplied in the mq.client.password setting is consumed for encryption in the mq.client.password.encrypted setting. This value is encrypted and removed from the mq.password setting after running the inserver –encrypt-config command.

 

I have 2 questions:

1) Does the inserver -encrypt-config command encrypt the odbc.user.password? I am not sure what is meant by "consumed by the application".

 

2) The 3 above-mentioned passwords are located in the inow.ini file. There is one additional password in the inow.ini file that is not mentioned - LDAP.password. Is this password also encrypted when the inserver -encrypt-config is run? If so, is there a chance that this command does not always work on this field? It is not encrypted in my inow.ini, but the other passwords are.

 

Thank you

Labels:
3 ACCEPTED ANSWERS

Go to answer
Dave_Clevenger
Confirmed Champ
Confirmed Champ

‎03-21-2024 08:02 AM

I think when it says "consumed" it means those fields will become empty values when you run the -encrypt-config command, they are replaced with the encrypted version of that field for example:

 

odbc.user.password.encrypted=<encrypted password>

View answer in original post

0 Kudos

Go to answer
BrandonCrespino
Employee
Employee

‎03-24-2024 06:30 PM

Hi @Corrie K - When we start the inserver process we read the database/ODBC setting. If there is a value in the unencrypted section we attempt to use that value for the connection and then will encrypt and place in the encrypted setting. The ODBC setting is a little different than the others since we do this automatically. The other settings that have a password  will be encrypted when the -encrypt-config flag is used. The areas that would have encrypted passwords would be ODBC, Message Queue, and LDAP.

 

If you are not seeing LDAP getting encrypted then this would be unexpected and I would recommend opening a support case so that we can have someone take a look.

View answer in original post

0 Kudos

Go to answer
Corrie_Kantowsk
Star Contributor
Star Contributor

‎03-25-2024 12:55 PM

Just one last question, can it be unencrypted, if needed?

View answer in original post

0 Kudos
6 REPLIES 6

Go to answer
Corrie_Kantowsk
Star Contributor
Star Contributor

‎03-25-2024 12:55 PM

Just one last question, can it be unencrypted, if needed?

0 Kudos

Go to answer
BrandonCrespino
Employee
Employee
In response to Corrie_Kantowsk

‎03-25-2024 01:04 PM

Hi @Corrie K  - It cannot. If an error is made with the password or it changes then the value will need to be cleared, the update entered, and then encrypted again. There is no decryption option.

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC