Enabling password encryption for BIX command-line extractions in on-premises systems
Enable security for the database username and password by implementing a
Java Cryptography Extension (JCE) keyring encryption. To do so, create a
pegarules.keyring
file and append the encryption information to your
command-line extraction Java method.
For additional details on creating a keyring for other instances of database password, see article How To Encrypt Database Passwords Using a JCE Keyring file.
This content only applies to on-premises systems and is not supported in Pega Cloud environments.
- Open the
prconfig.xml
file with your text and source-code editor, such as Notepad++. - Below the line that contains the element
<env name="database/databases/PegaDATA/password" value="a_password " />
, add the following keyring prefix element to create theBIX-extract.kerying
: <env name="identification/KeyringPrefix" value="BIX-extract" /> - Specify an encryption algorithm by adding the following
identification/KeyringAlgorithm
element: - Specify the length of the key that you want to use to encrypt the file by adding the
following
identification/KeyringLength
element: - Save and close the
prconfig.xml
file. - Run your command-line extraction with the following changes:
- Add the
KeyringImpl
Java class: com.pega.pegarules.crpyto.KeyringImpl - Add the directory and file name in which you want to generate the
pegarules.keyring
file. - Add the directory location of the
prconfig.xml
file. - Add the Extract Java class and its distribution directory.
For details about running a command-line extraction process, see Running a BIX command-line extraction in on-premises systems. - Add the
<env name="identification/KeyringAlgorithm" value="AES" />
<env name="identification/KeyringLength" value="256" />
Previous topic Configuring BIX logs for command-line extractions in on-premises systems Next topic Running a BIX command-line extraction in on-premises systems