Encrypting sensitive strings

SDL Tridion provides a command line tool for encrypting sensitive data such as passwords in your configuration files as you may not want to include sensitive data in the configuration files in cleartext.

Procedure

  1. On the Content Delivery server, open a command prompt.
  2. Navigate to the directory that contains the file cd_core.jar. By default, this file is located in your Content Delivery root location.
  3. Enter the following command, where mysensitivestring is the string you want to encrypt:
    java -cp cd_core.jar com.tridion.crypto.Encrypt mysensitivestring

    (You may wish to redirect output to a file for easy copy-pasting of the tool's response).

    The encryption responds as follows:

    SDL Tridion configuration value = encrypted:9FUJ9CP81Oj63VhnJxcqx//pW3fP4bekeupIexctzcs=
  4. In your configuration file where you would normally insert your sensitive data, now insert the string returned by the tool, including the encrypted: prefix. For example:
    <Property Name="password" Value="encrypted:fhS6whp/g==hjS2G2rG6aI6T"/>

Results

When Content Delivery loads the configuration file, it decrypts the encryption string back to its original value.