securityUtility createLTPAKeys

The securityUtility createLTPAKeys command creates a set of LTPA keys for use by the server, or that can be shared with multiple servers. If no server or file is specified, an ltpa.keys file is created in the current working directory.

Usage example

Create LTPA keys with the mypassword password that is encrypted with AES encryption:

securityUtility createLTPAKeys --password=mypassword --passwordEncoding=aes

Syntax

Run the command from the path_to_liberty/bin directory.

securityUtility createLTPAKeys --password[=pwd] [options]
--password[=pwd]

The LTPA keys password. If no value is specified, then you’re prompted for a value.

options

One or more optional parameters.

Options

Option Description

--file=name

The file in which to write the LTPA keys. This option can’t be used if the --server option is specified.

--passwordEncoding=password_encoding_type

Specifies how to encode the LTPA keys password in the server.xml file. Supported encoding types are xor and aes. If this option isn’t specified, a default encoding type of xor is used.

You can use the securityUtility encode --listCustom command to see if any additional custom encryptions are supported.

--passwordKey=password_encryption_key

Specifies the key to use to encode an LTPA keys password with AES encryption. This string is hashed to produce an encryption key that is used to encrypt and decrypt the password. You can provide the key by defining the wlp.password.encryption.key variable as the key value. If this option isn’t specified, a default key is used.

--server=name

Specifies the name of the Open Liberty server for which the LTPA keys are created. This option can’t be used if the --file option is specified.