Administer > Configure to Use Encrypted Parameters on the Tomcat Server

Configure to Use Encrypted Parameters on the Tomcat Server

To configure to use encrypted parameters on the Tomcat server,

  1. Stop the Tomcat server.
  2. Locate the file catalina.properties in $CATALINA_BASE/conf/, where $CATALINA_BASE is the directory in which you installed Tomcat.

    1. Open the the file catalina.properties.
    2. Uncomment or add the following:

      org.apache.tomcat.util.digester.PROPERTY_SOURCE=com.hp.ucmdb_browser.tomcat_config.CustomPropertyDecoder
    3. Save the file.
  3. Go to the $CATALINA_BASE/lib/ directory, check that you have the following .jar file (if not, copy it from the CMS UI 2018.05 - Tomcat assembly

    • tomcat-property-config.jar
  4. Go back to the $CATALINA_BASE/conf/ directory,

    1. Create a file called configproperties.txt.
    2. Add values in the form of: <key>=<value>. For example,

      my.port=8088
  5. Open the $CATALINA_BASE/conf/server.xml file, and use those properties as follows:

    This is the HTTP connector, note the my.port usage:

    <Connector port="${my.port}" protocol="HTTP/1.1"
             connectionTimeout="20000"
             redirectPort="8443" />
  6. Restart the Tomcat server.

    Upon startup, an automatically generated configproperties.bin file, the encrypted version of the configproperties.txt file, replaces the original configproperties.txt file.

    The values of the parameters will be replaced on Tomcat startup, by the values defined in the encrypted file.

There is now no clear text version of these parameters, they are all encrypted.