Encrypting sensitive strings

Use the SDL Tridion Sites command line tool to encrypt the <password> fields (for Index Server and Query Server) in the smarttarget_conf.xml configuration file.

About this task

It is best practice to encrypt sensitive data such as passwords in your configuration files.

Procedure

  1. Open the library subdirectory of your API (RESTful) or of your API (in-process) Role, or any other location in your Presentation environment or Content Delivery environment that contains the following libraries:
    • cd_commmon_util-BUILD.jar
    • cd_core-BUILD.jar

    where BUILD is the build number (not necessarily the same in each case) of the JAR file.

  2. Depending on your operating system, enter one of the following commands:
    Windows operating systems
    java -cp cd_common_util-BUILD.jar;cd_core-BUILD.jar com.tridion.crypto.Encrypt INPUT
    Unix operating systems
    java -cp cd_common_util-BUILD.jar:cd_core-BUILD.jar com.tridion.crypto.Encrypt INPUT

    where INPUT is the string you want to encrypt.

    You can redirect the output to a file for easy copy-pasting of the response.

    The encryption responds, for example, as follows:

    SDL Web configuration value = encrypted:56StnjmsTNnHdITMkL4KYw==
  3. Open the smarttarget_conf.xml configuration file.

    The file is used in several locations in your installation: Where to find smarttarget_conf.xml

  4. Paste the value in the relevant <password> field, for example:
    <Password>encrypted:56StnjmsTNnHdITMkL4KYw==</Password>

Results

When Content Delivery loads the configuration file, it decrypts the encryption string back to its original value.