Administer > System Security > Encryption of configuration file settings > Encrypt values in the Service Manager configuration file

Encrypt values in the Service Manager configuration file

Applies to User Roles:

System Administrator

You can use the sm -encrypt command to encrypt parameter values in the sm.ini file. You must have administrative access to the server operating system to use this procedure.

Note The values of some security parameters are encrypted automatically during the server startup, including the sqllogin parameter that is used as the example in the following task. For a list of the parameters that are encrypted automatically, see Encryption of configuration file settings.

To encrypt values in the Service Manager configuration file, follow these steps:

  1. Open the HPE Service Manager configuration file (sm.ini).
  2. Copy the parameter name and parameter value you want to encrypt.
    For example, copy sqllogin:RDBMS user/my password.

  3. Open the operating system's command prompt.
    For example, on Windows click Start > Programs > Accessories > Command Prompt.
  4. Change directories to the RUN folder of your Service Manager installation.
    For example:
    cd C:\Program Files\HPE\ Service Manager\Server\RUN
  5. Type the following command:
    sm -encrypt:<parameter name>:<parameter value>
    If the string containing the <parameter name>:<parameter value> includes spaces, you must enclose the entire parameter name and value in quotation marks. For example:
    sm -encrypt:"sqllogin:RDBMS user/my password"

    Tip The sqllogin credentials are automatically encrypted and added to the sm.ini file if you configure the credentials by running the Server Configuration Utility instead of running this command.

  6. Press Enter.
    Service Manager displays the new encrypted value.
    For example:
    sqllogin:"RDBMS user/my password" is encrypted:
    99E6136711576164187C6619C6DBA9DFFC89F7EDF186BC5827E3615BE8419CD4
  7. Copy the new encrypted value.
  8. Return to the Service Manager configuration file and add an asterisk to the beginning of the parameter name.
    For example:
    *sqllogin:
  9. Replace the clear-text value with the encrypted value.
    For example:
    *sqllogin:99E6136711576164187C6619C6DBA9DFFC89F7EDF186BC5827E3615BE8419CD4
  10. Save the configuration file.