Try OpenEdge Now
skip to main content
Installation and Configuration
Configuration : Managing OpenEdge Key and Certificate Stores : Managing key stores for OpenEdge servers : Using genpassword to obtain a key store password-encrypted value
 
Using genpassword to obtain a key store password-encrypted value
When you must configure an OpenEdge SSL server by manually editing the ubroker.properties file, or for the OpenEdge RDMS when you start up the database server to enable SSL connections, you must specify the password to allow access to the required private-key alias. The value you specify is available to anyone who can read the file or command line where you enter it. In order to prevent access to this password by unauthorized users, you must specify an encrypted form of the password that is equivalent to the password itself.
Note: You must also provide the encrypted form of the password ("password") for the default_server alias. In OpenEdge Management or OpenEdge Explorer, when you configure an SSL server with the default_server alias, OpenEdge automatically provides the encrypted form of this password.
OpenEdge provides the genpassword command-line utility that you can use to obtain the encoded and encrypted form for the real password.
For example, when the following code is executed in the OpenEdge Proenv command window, you can generate an encrypted value for a password whose value is "topsecret":
proenv>genpassword -password topsecret
243d3f343726213624
proenv>
Later, to verify that an existing encrypted value matches the real password value, you can run genpassword, as follows:
proenv>genpassword -password topsecret -verify 243d3f343726213624
The passwords match.

proenv>
For more information on the options of the genpassword command-line utility, see Command and Utility Reference.