GHOSA Member since 2012 1 post
Posted: 6 months ago
Last activity: 6 months 1 week ago

Encrypting Pain Text in prconfig.xml

We are on Pega (base platform) v8.3. Due to certain reqts. the db connection (JDBC definition and config.) needs to be in the prconfig.xml. 

(WAS layer is Apache Tomcat 9.0.33)

However, the uname/pw is in plain text within that prconfig file.

To get the authority to operate (ATO) for our platform, we need to plug this security hole.

There is an article on the community which is an attempted How-To for the above, viz. https://community.pega.com/knowledgebase/articles/how-encrypt-database-passwords-using-jce-keyring-file

However, it is a bit confusing referring to BIX extracts and such, which is n/a (at least at the moment) for our client.

If anyone has done this (hands-on) at a Pega customer/installation; any help, input, and guidance will be much appreciated.

Thank you.



Pega Platform 8.3 System Administration Government Lead System Architect
Share this page LinkedIn