securityUtility encode

The securityUtility encode command supports plain text obfuscation for Open Liberty.

This command obfuscates text that you provide, such as a password, based on the type thatis is specified. If no text is provided, the command enters interactive mode. Interactive mode prompts you to enter and confirm your text input, rather than provide text on the same line as the command. Text with spaces must be put in quotation marks. For more information about limits to password encryption, see Password encryption.

Usage examples

Encrypt a password with AES encryption. After you enter this command, interactive mode prompts you for the password that you want to encrypt:

securityUtility encode --encoding=aes

Hash a password. After you enter this command, interactive mode prompts you for the password that you want to hash:

securityUtility encode --encoding=hash

Syntax

Run the command from the path_to_liberty/bin directory.

securityUtility encode [options]
options

One or more optional parameters.

Options

Option Description

--encoding=encoding_type

Specifies how to encode the password. Supported encodings types are xor, aes, and hash. If this option isn’t specified, a default encoding type of xor is used.

You can use the hash encoding type to encode passwords for a basic user registry. As of version 19.0.0.2, you can also use the hash encoding type to encode passwords for the quickStartSecurity element.

--key=encryption_key

Specifies the key to use when you encode with AES encryption. This string is hashed to produce an encryption key that is used to encrypt and decrypt the password. You can provide the key by defining the wlp.password.encryption.key variable as the key value. If this option isn’t specified, a default key is used.

--listCustom

Displays the information of the custom password encryption in JSON format. The information consists of:

  • name: The custom password encryption algorithm name.

  • featurename: The feature name.

  • description: The description of the custom password encryption.

--notrim

Specifies whether space characters are removed from the beginning and end of the specified text. If this option is specified, the provided text is encoded as it is. If this option isn’t specified, space characters are removed from the beginning and end of the specified text.