Show TOC

Encrypting Adapter Configuration FilesLocate this document in the navigation structure

Use the streamingencrypt executable to encrypt parameters within adapter configuration files.

Context

Some parameters still use an older encryption mechanism. If you have any of the following encrypted already, it is not necessary to re-encrypt these parameters:
  • Password
  • RSAKeystore
  • RSAKeystorePassword
  • RSAKeyStoreAlias
All other parameters must use the streamingencrypt utility.

Procedure

  1. Use a text editor to open the required adapter configuration file:
    STREAMING_HOME/adapters/framework/instances/<adapter-name>/adapter_config.xml
    Note The SAP RFC Input and Output adapters, and the Web Services (SOAP) Input and Output adapters, do not have default configuration files. Use the provided examples to create your own adapter_config.xml for these adapters:

    STREAMING_HOME/adapters/<adapter-name>/examples/<example-name>/adapter_config.xml

  2. Add the encrypted attribute to the parameter you want to encrypt and set it to encrypted="true".
    This attribute ensures that the server recognizes the value as encrypted text and decrypts it at runtime. If the attribute is not set to true, the server does not recognize the value as encrypted text and tries to process the value without decrypting it, resulting in errors.
    In the following section of a sample adapter configuration file, encrypt the value "User123". 
    <Adapter> 
   <Cipher>  
      <File>STREAMING_HOME/adapters/framework/adapter.key</File> 
   </Cipher>
         .
         .
         .
   <EspProjects>
      <ESP Project>
         <Security>
            <User encrypted="true"><User123></User>
            <Password encrypted="true"><myPassword123></Password>    
            <AuthType><user_password></AuthType>     
         </Security>
      </ESP Project>
   <EspProjects>
</Adapter>
  3. Update the parameter definition in the relevant .xsd file in the /config directory. In this case, use a text editor to open STREAMING_HOME/adapters/framework/config/framework.xsd.

    Original definition:

     <xs:element name="User" type="xs:string" minOccurs="0" maxOccurs="1"/>

    Required definition:

    <xs:element name="User" minOccurs="0" maxOccurs="1"> 
     <xs:complexType>  
         <xs:simpleContent>  
              <xs:extension base="xs:string"> 
                   <xs:attribute name="encrypted" type="xs:boolean" default="false" /> 
              </xs:extension>
         </xs:simpleContent>
     </xs:complexType>
</xs:element>
    Note Adding the encrypted attribute to the configuration file deletes the element type="xs:string".
  4. Note the value in the Cipher element in step 2. This is the key file required to encrypt values in adapter configuration files. Optionally, create a new adapter key:
    1. From a command line, navigate to STREAMING_HOME/bin and launch the streamingencrypt executable using the --create-key option:
      streamingencrypt --create-key adapter.key
      The command writes a new key to the file adapter.key.
    2. Add the Cipher element to adapter_config.xml file using the format in step 2.
  5. From a command line, navigate to STREAMING_HOME/bin and launch the streamingencrypt executable using the --encrypt option:
    streamingencrypt --encrypt <key-file> --text <text>
    If you enter the --text value successfully, the streamingencrypt executable writes the encrypted text to the display.
  6. Copy and paste the encrypted text from the utility into the adapter configuration file you opened in step 1. Replace the original value in the parameter with the encrypted text.
  7. Save and close the adapter configuration file.