The management of the secret key for Cúram encrypted passwords is done via the JDK-provided keytool command, or equivalent. You will need to make local decisions about placement and isolation of the secret key for Cúram that are compatible with your local organization and standards.
Keep in mind that some settings passed to the keytool command need to be reflected in the CryptoConfig.properties settings, which needs to be coordinated for successful deployment as discussed in Cipher Customization. The following table shows the relationship between keytool command arguments and the Cúram crypto properties.
Keytool argument |
CryptoConfig.properties property |
---|---|
-keyalg |
curam.security.crypto.cipher.algorithm |
-alias |
curam.security.crypto.cipher.keystore.seckey.alias |
-keystore |
curam.security.crypto.cipher.keystore.location |
-storepass |
curam.security.crypto.cipher.keystore.storepass |
See the JDK documentation for more information on using the keytool command.
Related topics: