Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

This content has been archived and is no longer being updated.

Links may not function; however, this content may be relevant to outdated versions of the product.

Enabling password encryption for BIX command-line extractions

Updated on April 5, 2022

Enable security for the database username and password by implementing a Java Cryptography Extension (JCE) keyring encryption. To do so, create a pegarules.keyring file and append the encryption information to your command-line extraction Java method.

Business Intelligence Exchange (BIX) command-line extract files store usernames and passwords within log and configuration files in plain text. Enabling password encryption for BIX command-line extractions stores usernames and passwords in an encrypted form.

For additional details on creating a keyring for other instances of database password, see article How To Encrypt Database Passwords Using a JCE Keyring file.

  1. Open the prconfig.xml file with your text and source-code editor, such as Notepad++.

  2. Below the line that contains the element <env name="database/databases/PegaDATA/password" value="a_password " />, add the following keyring prefix element to create the BIX-extract.kerying: <env name="identification/KeyringPrefix" value="BIX-extract" />

  3. Specify an encryption algorithm by adding the following identification/KeyringAlgorithm element:

  4. <env name="identification/KeyringAlgorithm" value="AES" />
  5. Specify the length of the key that you want to use to encrypt the file by adding the following identification/KeyringLength element:

  6. <env name="identification/KeyringLength" value="256" />
  7. Save and close the prconfig.xml file.

  8. Run your command-line extraction with the following changes:

    1. Add the KeyringImpl Java class: com.pega.pegarules.crpyto.KeyringImpl

    2. Add the directory and file name in which you want to generate the pegarules.keyring file.

      For example: .\config\pegarules.keyring
    3. Add the directory location of the prconfig.xml file.

      For example: .\config\prconfig.xml
    4. Add the Extract Java class and its distribution directory.

      For example: C:\imp
    For details about running a command-line extraction process, see Running a BIX command-line extraction.
    For example: Full encryption information:
    com.pega.pegarules.crpyto.KeyringImpl .\config\pegarules.keyring .\config\prconfig.xml C:\imp
    Full command-line extraction with appended encryption information:
    java –Xms512m –Xmx768m –classpath".;lib\prbootstrap-api.jar;lib\prbootstrap.jar;lib\prdbcp.jar;lib\db2jcc_v95.jar;lib\jsr94-1.0.jar;$CLASSPATH$\ -Dpegarules.config=config\prconfig.xml -Dpegarules.logging.configuration=config\prlog4j2.xml -Dcom.pega.pegarules.bootstrap.ignorejndi=true com.pega.pegarules.crpyto.KeyringImpl .\config\pegarules.keyring .\config\prconfig.xml C:\imp -i PegaSample!SampleBIX

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us