cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Key.ini Encryption

Go to solution
Murali_Shanmu
Active Contributor

on ‎03-12-2013 4:07 AM

0 Kudos

Hi,

We are trying to transport all our developments into QA. In VDS, we tried to export the configuration in DEV and for the JDBC URL we gave something like this.

jdbc:sqlserver://host:1433;databasename=mxmc_db;username=mxmc_admin;password=%$glb.TEST_PWD%

As per the documentation, we created this parametrized constant "TEST_PWD and selected the check box for encrypt . The moment I provided this constant in JDBC URL and clicked on SAVE,  it gives an error that the password is invalid for the user mxmc_admin. However, if I manually type the password it works fine.

I have a suspicion that the system is not able to do the encryption. All the components are in one server and we are doing this task from this server.

The Key file is located in C:\usr\SAP\IdM\Identity Center\KEY\Keys.ini and I have also checked in VDS that the key.ini file is being referred to in Tools > Options.

Please suggest.

Cheers,

Murali

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

keith_zhang
Active Participant
‎03-12-2013 7:57 AM
0 Kudos

Hello Murali,

I got one exactly the same problem with one customer issue, and my test on VDS SP6 gave the same problem. I have checked the xml file generated for the VDS configuration, it seems the encryption is already done properly there, so the problem may be during decryption the constant.

The issue is being checked further now, and I will get back to you as soon as I got the results.

BR, Keith

Show replies
Show replies
Murali_Shanmu
Active Contributor
‎03-12-2013 8:02 AM
0 Kudos

Thanks for the response Keith.

Cheers,

Murali.

keith_zhang
Active Participant
‎03-24-2013 6:32 AM
0 Kudos

Hello Murali,

Sorry for the the late response. This issue now is already known to our development, and this will be fixed in future release(may be SP8).

Currently, you can use password directly(without constant) in the URL, and since the password in URL will be encrytped, this will not risk the security.

BR, Keith

Murali_Shanmu
Active Contributor
‎03-24-2013 7:50 AM
0 Kudos

Thanks Keith.

As per your instructions, while exporting VDS Config, I will hard code the password in JDBC URL. While Importing the configurations in QA, I will have to modify the files vdsext.bat/vdsext.sh. I would have to  modify the JDBC URL in this file and would need to hard code the password again. I am following the Post-transport tasks (Virtual Directory Server) steps in the Implementation document).

Will let you know how it goes.

Cheers,

Murali_Shanmu
Active Contributor
‎04-11-2013 11:04 AM
0 Kudos

Keith,

It worked fine and we were able to do the Transport.

Can you give a hint as to when SP8 will be released ?

Cheers

Murali

keith_zhang
Active Participant
‎04-12-2013 8:25 AM
0 Kudos

Hello Murali,

Glad to hear the good news

SP8 is planned to be released on CW 20 / 2013. Please check if you can access this via:

https://websmp208.sap-ag.de/~form/sapnet?_FRAME=CONTAINER&_OBJECT=011000358700001425702010E

BR, Keith

Murali_Shanmu
Active Contributor
‎04-12-2013 8:58 AM
0 Kudos

Thanks Keith. I had seen this link before posting. I did not know what CW 20 / 2013 means.

keith_zhang
Active Participant
‎04-12-2013 9:06 AM
0 Kudos

Hello Murali,

It is Calendar Week 20 of 2013.

BR, Keith

Answers (1)

Answers (1)

former_member2987
Active Contributor
‎03-12-2013 1:31 PM
0 Kudos

Murali,

Check the keys.ini on all servers and make sure that they are exactly the same.

This could also be part of your issue.

Matt

Show replies
Show replies
Murali_Shanmu
Active Contributor
‎03-12-2013 6:59 PM
0 Kudos

Matt,

I am only working on the DEV server. Also, all the components of IdM are installed on the same server and hence we didn't have the need to distribute the key file.

Thanks,

Murali

Ask a Question