securityUtility encode

The securityUtility encode command supports plain text obfuscation for Open Liberty.

This command obfuscates text that you provide, such as a password, based on the type that is specified. If no text is provided, the command enters interactive mode. Interactive mode prompts you to enter and confirm your text input, rather than provide text on the same line as the command. Text with spaces must be put in quotation marks. For more information about limits to password encryption, see Password encryption limitations.

Usage examples

Encrypt a password with Advanced Encryption Standard (AES) encryption. After you enter this command, interactive mode prompts you for the password that you want to encrypt:

securityUtility encode --encoding=aes

Hash a password. After you enter this command, interactive mode prompts you for the password that you want to hash:

securityUtility encode --encoding=hash

Syntax

Run the command from the path_to_liberty/wlp/bin directory.

securityUtility encode [options]

Options

Options for the securityUtility encode command
OptionDescription

--encoding=encoding_type

Specifies how to encode the password. Supported encodings types are xor, aes, and hash. If this option isn’t specified, a default encoding type of xor is used. Currently, the aes type uses AES-128 encryption.

You can use the hash encoding type to encode passwords for a basic user registry. As of version 19.0.0.2, you can also use the hash encoding type to encode passwords for the quickStartSecurity element.

--key=encryption_key

Specifies the key to use when you encode with AES encryption. This string is hashed to produce an encryption key that is used to encrypt and decrypt the password. You can provide the key by defining the wlp.password.encryption.key variable as the key value. If this option isn’t specified, a default key is used.

--listCustom

Displays the information of the custom password encryption in JSON format. The information consists of the following things:

  • name: The custom password encryption algorithm name.

  • featurename: The feature name.

  • description: The description of the custom password encryption.

--notrim

Specifies whether space characters are removed from the beginning and end of the specified text. If this option is specified, the provided text is encoded as it is. If this option isn’t specified, space characters are removed from the beginning and end of the specified text.

Exit codes

The following exit codes are available for the securityUtility encode command:

Exit codes for the securityUtility encode command
CodeExplanation

0

This code indicates successful completion of the requested operation.

1

This code indicates a generic error.

2

This code indicates that the server is not found.

3

This code indicates that the client is not found.

4

This code indicates that the path can not be created.

5

This code indicates that the file already exists.