securityUtility generateAESKey

Generates a Base64-encoded 256-bit AES key that can be used with the wlp.aes.encryption.key configuration variable for password encryption in Open Liberty.

You can generate a random AES key, derive a key from a passphrase, or create an XML configuration file that contains the generated key.

Usage Examples

To generate a random 256-bit AES key, run the following command.

securityUtility generateAESKey

To derive the AES key from a passphrase, specify the --key option.

securityUtility generateAESKey --key=MyPassphrase

To generate an AES key and automatically create a configuration file, use the following example.

securityUtility generateAESKey --createConfigFile=myAesConfig.xml

Syntax

securityUtility generateAESKey [options]

Options

Options for the securityUtility generateAESKey command
OptionDescription

--createConfigFile=<name>

Creates an XML file that contains the generated AES key in the wlp.aes.encryption.key variable. If this option is not specified, the generated key is written to the console screen.

--key=<string>

This string is hashed to produce an encryption key that is used to encrypt and decrypt passwords. If this option is omitted, a random AES key is generated.

Exit codes

The following exit codes are available for the securityUtility generateAESKey command:

Exit codes for the securityUtility generateAESKey command
CodeExplanation

0

This code indicates that the AES key was generated successfully.

1

This code indicates that the command invocation failed.