Versions Compared

Old Version 4

changes.mady.by.user Oleksandr Liutyi

Saved on

compared with

New Version Current

changes.mady.by.user Oleksandr Liutyi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
# create java keystore (for vault encription)
keytool -genseckey -alias vault -storetype jceks -keyalg AES -keysize 128 -storepass password -validity 730 -keystore vault.keystore
# create vault
vault.sh -e /path/to/vault -k /path/to/vault.keystore -p password -i 64 -s salt8chr -b init -a init -c	
# add password to vault
vault.sh -e /path/to/vault -k /path/to/vault.keystore -p secret -i 64 -s salt8chr -b DATABASE -a DBUSER_PASSWORD -x password
# check if password in the vault
vault.sh -e /path/to/vault -k /path/to/vault.keystore -p secret -i 64 -s salt8chr -b DATABASE -a DBUSER_PASSWORD -c

Enable vault

Code Block
titlehost.xml
<host name="jboss1.example.com" xmlns="urn:jboss:domain:1.5">
..
 <vault>
    <vault-option name="KEYSTORE_URL" value="/path/to/vault.keystore"/>
    <vault-option name="KEYSTORE_PASSWORD" value="MASK-113kk./wNc/mH4F409CbNp"/>
    <vault-option name="KEYSTORE_ALIAS" value="vault"/>
    <vault-option name="SALT" value="salt8chr"/>
    <vault-option name="ITERATION_COUNT" value="64"/>
    <vault-option name="ENC_FILE_DIR" value="/path/to/"/>
</vault>

...