Discussion

47
Views
Close popover
Raj Ghosh (GHOSA)
PEGA
Principal System Architect - Pega Consulting
Pegasystems Inc.
US
GHOSA Member since 2012 1 post
PEGA
Posted: April 10, 2020
Last activity: April 14, 2020
Closed

Encrypting Pain Text in prconfig.xml

We are on Pega (base platform) v8.3. Due to certain reqts. the db connection (JDBC definition and config.) needs to be in the prconfig.xml. 

(WAS layer is Apache Tomcat 9.0.33)

However, the uname/pw is in plain text within that prconfig file.

To get the authority to operate (ATO) for our platform, we need to plug this security hole.

There is an article on the community which is an attempted How-To for the above, viz. https://community.pega.com/knowledgebase/articles/how-encrypt-database-passwords-using-jce-keyring-file

However, it is a bit confusing referring to BIX extracts and such, which is n/a (at least at the moment) for our client.

If anyone has done this (hands-on) at a Pega customer/installation; any help, input, and guidance will be much appreciated.

Thank you.

Regards,

Raj.

Pega Platform 8.3 System Administration Government Lead System Architect
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Discussion, please write a new Discussion.