Enabling password encryption for BIX command-line extractions in on-premises systems
Enable security for the database username and password by implementing a
Java Cryptography Extension (JCE) keyring encryption. To do so, create a
pegarules.keyring
file and append the encryption information to your
command-line extraction Java method.
This content only applies to on-premises systems and is not supported in Pega Cloud environments.
- Open the
prconfig.xml
file with your text and source-code editor, such as Notepad++. - Below the line that contains the element
<env name="database/databases/PegaDATA/password" value="a_password " />
, add the following keyring prefix element to create theBIX-extract.kerying
: <env name="identification/KeyringPrefix" value="BIX-extract" /> - Specify an encryption algorithm by adding the following
identification/KeyringAlgorithm
element: - Specify the length of the key that you want to use to encrypt the file by adding the
following
identification/KeyringLength
element: - Save and close the
prconfig.xml
file. - Run your command-line extraction with the following changes:
- Add the
KeyringImpl
Java class: com.pega.pegarules.crpyto.KeyringImpl - Add the directory and file name in which you want to generate the
pegarules.keyring
file.For example: .\config\pegarules.keyring - Add the directory location of the
prconfig.xml
file.For example: .\config\prconfig.xml - Add the Extract Java class and its distribution directory.
For example: C:\imp com.pega.pegarules.data.internal.access.ExtractImpl
For details about running a command-line extraction process, see Running a BIX command-line extraction in on-premises systems.For example: Full encryption information: Full command-line extraction with appended encryption information:com.pega.pegarules.crpyto.KeyringImpl .\config\pegarules.keyring .\config\prconfig.xml C:\imp com.pega.pegarules.data.internal.access.ExtractImpl
java –Xms512m –Xmx768m –classpath".;lib\prbootstrap-api.jar;lib\prbootstrap.jar;lib\prdbcp.jar;lib\db2jcc_v95.jar;lib\jsr94-1.0.jar;$CLASSPATH$ -Dcom.pega.pegarules.bootstrap.properties.url=config\prbootstrap.properties -Dpegarules.config=config\prconfig.xml -Dpegarules.logging.configuration=config\prlog4j2.xml -Dcom.pega.pegarules.bootstrap.ignorejndi=true com.pega.pegarules.pub.PegaRULES com.pega.pegarules.crpyto.KeyringImpl .\config\pegarules.keyring .\config\prconfig.xml C:\imp com.pega.pegarules.data.internal.access.ExtractImpl -i PegaSample!SampleBIX
- Add the
<env name="identification/KeyringAlgorithm" value="AES" />
<env name="identification/KeyringLength" value="256" />
Previous topic Configuring BIX logs for command-line extractions in on-premises systems Next topic Running a BIX command-line extraction in on-premises systems