Creating a system key to encrypt sensitive configuration values
Create the system key that enables automatically or manually encrypting sensitive configuration values such as passwords. Copy the system key to the agent for each node.
Follow these instructions to create the system key that enables automatically or manually encrypting sensitive configuration values such as passwords. Copy the system key to the agent for each node. Optionally, configure a custom name for the opsc_system_key or a path to the key when placed in a non-default location. When adjusting configuration files for an existing cluster, manually encrypt the configuration values.
Prerequisites
- If using 256-bit encryption key strength, upgrade the JRE with enhanced security
jar files. Download and install the Java Cryptography Extension (JCE), unzip the
jar files, and place them under
$JAVA_HOME/jre/lib/security
.
address.yaml
The location of the address.yaml file depends on the type of installation:
- Package installations: /var/lib/datastax-agent/conf/address.yaml
- Tarball installations: install_location/conf/address.yaml
opscenterd.conf
The location of the opscenterd.conf file depends on the type of installation:
- Package installations: /etc/opscenter/opscenterd.conf
- Tarball installations: install_location/conf/opscenterd.conf