securityUtility createLTPAKeys

The securityUtility createLTPAKeys command creates a set of LTPA keys for use by the server, or that can be shared with multiple servers. If no server or file is specified, an ltpa.keys file is created in the current working directory.

Usage example

Create LTPA keys with the mypassword password that is encrypted with Advanced Encryption Standard (AES) encryption:

securityUtility createLTPAKeys --password=mypassword --passwordEncoding=aes

Syntax

Run the command from the path_to_liberty/bin directory.

securityUtility createLTPAKeys --password=pwd [options]

--password=pwd: The LTPA keys password. If no value is specified, then you’re prompted for a value.
options: One or more optional parameters.

Options

Option Description

Option	Description
--file=name	The file in which to write the LTPA keys. This option can’t be used if the `--server` option is specified.
--passwordEncoding=password_encoding_type	Specifies how to encode the LTPA keys password in the `server.xml` file. Supported encoding types are `xor` and `aes`. If this option isn’t specified, a default encoding type of `xor` is used. You can use the `securityUtility encode --listCustom` command to see if any additional custom encryptions are supported.
--passwordKey=password_encryption_key	Specifies the key to use to encode an LTPA keys password with AES encryption. This string is hashed to produce an encryption key that is used to encrypt and decrypt the password. You can provide the key by defining the `wlp.password.encryption.key` variable as the key value. If this option isn’t specified, a default key is used.
--server=name	Specifies the name of the Open Liberty server for which the LTPA keys are created. This option can’t be used if the `--file` option is specified.

--file=name

The file in which to write the LTPA keys. This option can’t be used if the --server option is specified.

--passwordEncoding=password_encoding_type

Specifies how to encode the LTPA keys password in the server.xml file. Supported encoding types are xor and aes. If this option isn’t specified, a default encoding type of xor is used.

You can use the securityUtility encode --listCustom command to see if any additional custom encryptions are supported.

--passwordKey=password_encryption_key

Specifies the key to use to encode an LTPA keys password with AES encryption. This string is hashed to produce an encryption key that is used to encrypt and decrypt the password. You can provide the key by defining the wlp.password.encryption.key variable as the key value. If this option isn’t specified, a default key is used.

--server=name

Specifies the name of the Open Liberty server for which the LTPA keys are created. This option can’t be used if the --file option is specified.

securityUtility createLTPAKeys

Usage example

Syntax

Options

See also