Use > Hardening > Introduction to Hardening > System Access > How to Encrypt the Database Password for Configuration Manager > Parameters for Configuration Manager Database Password Encryption

Parameters for Configuration Manager Database Password Encryption

The following table lists the parameters included in the encryption.properties file used for CM database password encryption. For details on encrypting the database password, see How to Encrypt the Database Password for Configuration Manager.

Parameter

Description

cryptoSource

Indicates the infrastructure implementing the encryption algorithm. The available options are:

  • lw. Uses Bouncy Castle lightweight implementation (Default option)

  • jce. Java Cryptography Enhancement (standard Java cryptography infrastructure)

storageType

Indicates the type of the key storage.

Currently, only binary file is supported.

binaryFileStorageName

Indicates the place in the file where the master key is stored.

cipherType

The type of the cipher. Currently, only symmetricBlockCipher is supported.

engineName

The name of the encryption algorithm.

The following options are available:

  • AES. American Encryption Standard. This encryption is FIPS 140-2 compliant. (Default option)

  • Blowfish

  • DES

  • 3DES. (FIPS 140-2 compliant)

  • Null. No encryption

keySize

The size of the master key. The size is determined by the algorithm:

  • AES. 128, 192, or 256 (Default option is 256)

  • Blowfish. 0-400

  • DES. 56

  • 3DES. 156

encodingMode

The ASCII encoding of the binary encryption results.

The following options are available:

  • Base64 (Default option)

  • Base64Url

  • Hex

algorithmModeName

The mode of the algorithm. Currently, only CBC is supported.

algorithmPaddingName

The padding algorithm used.

The following options are available:

  • PKCS7Padding (Default option)

  • PKCS5Padding

jceProviderName

The name of the JCE encryption algorithm.

Note Only relevant when crytpSource is jce. For lw, engineName is used.