Manually encrypt a configuration value
Use the system key tool to manually encrypt sensitive configuration values. Manually editing configuration files requires manually encrypting the value and copying it to the appropriate location.
-
Change to the directory for the OpsCenter daemon (opscenterd). For example, your opscenterd directory might be /usr/share/opscenter/bin in a package installation.
cd path_to/opscenterd_directory -
Run the system key tool with the value parameter.
opscenter_system_key_tool value -
When prompted, enter and confirm the value to encrypt.
Enter value to encrypt: Confirm value to encrypt:The system key tool shows the encrypted value.
-
Locate the
cluster_name.conffile. The location of this file depends on the type of installation:-
Package installations:
/etc/opscenter/clusters/cluster_name.conf -
Tarball installations:
INSTALL_DIRECTORY/conf/clusters/cluster_name.conf
-
-
Copy and paste the encrypted value into the appropriate location in the configuration file. For an existing cluster, manually update the encryption-required fields in the
cluster_name.conffile.For a new cluster or node, do not paste the encrypted value into the password or other encryption-required fields of the OpsCenter interface. OpsCenter automatically encrypts the sensitive fields such as passwords and writes the encrypted values to the configuration files.
-
Repeat the previous steps for each configuration value that requires encryption.
