CE Bootstrap properties

Content Engine needs bootstrap information in order to create the GCD, and thereafter to provide the resources it needs to boot up. During CE configuration, Configuration Manager configures the bootstrap file. Once CE is configured and the new FileNet P8 domain is created and functioning, the bootstrap file continues to provide the information below to allow CE to load. This file is named CEMPBoot.properties, contained in the CE EAR file.

There are two reasons why you would edit the bootstrap file:

With planning and normal precautions, these situations can likely be avoided, meaning you would never need to change the bootstrap file. However, if these situations do occur, use the Bootstrap Configuration Utility (BCU) to edit the file, as described below.

All deployments of the EAR file, for the purpose of adding additional CE servers to the FileNet P8 domain, must use identical values for the bootstrap properties. Therefore, any changes you make to the EAR file for a system in production must be made to all such EAR files. Depending on how your Java™ 2 Enterprise Edition (J2EE) application server is configured, these changes could be made part of an automated deployment process.

For more information see How to change Bootstrap admin password.

Sample CEMPBoot.properties file

The following is a sample bootstrap file showing default values for all properties except that EncryptedPassword has already been set and programmatically encrypted by the Master Key:

com.filenet.gcd.CipherKeyLength=128
com.filenet.gcd.Username=CEMPAdmin
com.filenet.gcd.DigestAlgorithm=SHA
com.filenet.gcd.GCDConnection=jndiname\=Domain1DS;jndinamexa\=Domain1DSXA
com.filenet.gcd.EncryptedPassword=8dd56a9d9331b9cbe43536a42ce8146d
com.filenet.gcd.CipherAlgorithm=AES

These properties are defined in the following table:

CEMPBootstrap properties
Definition
CipherKeyLength Default length of the cipher key that will be used to encrypt GCD credentials.
Username

A directory service account that is granted the role of application server administrator by CE Setup. This account will be used to logon to the application server and access the datasources named in the GCDConnection property. CE runs as this account, and it is therefore referred to in documentation as the "CE system user".

The default value CEMPAdmin is only a suggestion and will be changed to whatever you enter into CE setup.

See the entry for "CE system user" in Users and Groups for information about this account.

DigestAlgorithm Default digest algorithm used to encrypt the Master Key. See Content Engine Encryption for information about the Master Key.
GCDConnection The two datasource names that will be used in the creation of the GCD. Entered while running CE setup.
EncryptedPassword The encrypted password of the user identified by the Username property. Entered while running CE setup. The encryption was carried out using the Master Key.
CipherAlgorithm Default algorithm used to encrypt the Master Key.

Edit CE Bootstrap properties with the Bootstrap Configuration Utility

The Bootstrap Configuration Utility is a tool that edits the CEMPBoot.properties file. The bootstrap tool is contained in the BootstrapConfig.jar file, which is installed by the CE setup program into the Program Files\FileNet\ContentEngine\lib folder.

Usage

java -jar BootstrapConfig.jar ...
-h
-v
-e file -l
-e file -rf
-e file -j file
-e file [-fnq] [-b bits] [-c algorithm] ...
     [-g name] [-i name] [-k key] [-m algorithm] ...
     [-p password] [-s name] [-u name] [-x name] ...
     [-y class] [-o boolean] [-w port] [-j file]

-b,--keylength <bits> Cryptographic key length (in bits)
-c,--cipher <algorithm> Cryptographic cipher algorithm
-e,--ear <file> Filename and optional path of the EAR file
-f,--force Forces the utility to ignore warnings
-g,--dprovider <name> Cryptographic message digest provider
-h,--help Displays this help message
-i,--cprovider <name> Cryptographic cipher provider
-j,--targetear <file> File path of the EAR file to be patched with bootstrap info
-k,--key <key> Master cryptographic key
-l,--list Lists the current configuration
-m,--digest <algorithm> Cryptographic message digest algorithm
-n,--forcetext Forces the utility to store a plaintext password
-o,--outside <boolean> Forces master key safe mode
-p,--password <password> Password associated with username
-q,--quiet Suppresses text output
-r,--reset Restores the configuration to default values
-s,--datasource <name> JNDI datasource name (non-XA)
-t,--insert <filepath> Inserts the specified file into the EAR
-u,--username <name> Username of an app server administrator
-v,--version Displays version and copyright information
-w,--wasphttpport <port> HTTP Port for WSI (wasp.servlet.httpport)
-x,--xadatasource <name> JNDI datasource name (XA)
-y,--handler <class> Keystore handler class name (with package)

Example

The following example shows how you would upgrade a new CEMPBoot.properties file by copying CEMPBoot.properties from a source (old) EAR's props.jar to a target (new) EAR. The properties in the target will be overwritten:

java -jar BootstrapConfig.jar -e /opt/<path>/Engine-ws.ear -j Engine-ws.ear

(-e introduces the source (old) EAR; -j introduces the target (new) EAR; ws denotes WebSphere; wl denotes WebLogic; jb denotes single JBoss, and jbc denotes the cluster installation of JBoss.)

NOTE  If props.jar or CEMPBoot.properties do not exist in the target, they will be created based on the source. This will also fix some cases of malformed target EARs.