Documentation Center

Encrypting sensitive strings

As it is not good practice to include sensitive data in configuration files in clear text, it is recommended to encrypt sensitive data using the command line tool delivered with Archive Manager.

About this task

It is recommended to encrypt passwords in the cd_storage_conf.xml and cd_webservice_conf.xml files.

Procedure

  1. Open a command prompt.
  2. Access your Web application WEB-INF/lib/ or \bin\lib\ folder depending on the technology you are using.
  3. Run the following command:
    java -cp cd_core.jar com.tridion.crypto.Encrypt <unencrypted_password>

    where <unencrypted_password> is the password you want to encrypt in the cd_storage_conf.xml or cd_webservice_conf.xml file.

  4. Open one of the following files and set the password in the file to the string returned by the tool:
    • cd_storage_conf.xml
    • cd_webservice_conf.xml
  5. Save and close your configuration file.

What to do next

If encryption failed, the command prompt remains open and describes the nature of the errors. Fix the errors before proceeding.