Skip to main content
Version: 25.2.0

Encrypting the Properties file

This step is optional.

Most of the waratek.properties can be encrypted but in most cases the credentials for accessing Elasticsearch and the Management Console are most likely candidates for encryption:

  • MC Controller Key (com.waratek.ControllerKey)
  • MC Node Id (com.waratek.NodeId)
  • MC Node Password (com.waratek.NodePassword)
  • Elasticsearch Username (com.waratek.ElasticsearchUsername)
  • Elasticsearch Password (com.waratek.ElasticsearchPassword)
  • Trust store Password (com.waratek.trustStorePassword)

The encryption of properties must be done manually, as described below.

The script that can be used to encrypt properties is included in the Management Console installation in the scripts directory: encryptProperty.sh It takes a single argument which is the plaintext property to be encrypted, surrounded by quotes. The script outputs the encrypted value.

Example:

% ./scripts/encryptProperty.sh "password"
The property was successfully encrypted.
The full output below can be used as a replacement property in application.properties
or as input to the configuration script.

ENC(F52YU6KBIqA6V1EdEjk9NjKUNVBXkGSI)

That property can be used to manually update the waratek.properties file or as an input to the configuration script:

com.waratek.trustStorePassword=ENC(F52YU6KBIqA6V1EdEjk9NjKUNVBXkGSI)

The following is the list of properties which can not be encrypted by using the above script:

  • Show Start (com.waratek.ShowStart)
  • Hide Start (com.waratek.HideStart)
  • Local Rules File (com.waratek.rules.local)
  • Rules Directory (com.waratek.rules.dir)
  • Rules Auto reload Enabled (com.waratek.rules.autoreload)
  • MC Debug (com.waratek.debug.mc)
  • MC Debug Transport File (com.waratek.debug.transport.file)