ibmint set credential command

Use the ibmint set credential command to create or update a credential.

Supported platforms

  • Windows
  • Linux®
  • Linux on POWER®
  • Linux on Z
  • AIX®
  • IBM® z/OS® Container Extensions (zCX)

Purpose

You can use the ibmint set credential command to create or update a credential to be used by integration nodes or integration servers.

Syntax

Read syntax diagramSkip visual syntax diagramibmint set credential--work-directoryworkDirectory--external-directory-vaultvaultLocation--integration-nodenodeName--admin-hosthost--admin-port port--admin-uriURI--integration-connection-filefilepath --credential-typetype --credential-namename credentialPropertiesproperty 1, property 2, property 3.. --vault-keykey--external-directory-vault-keykey--vaultrc-location directory --auth-type authType --integration-serverserver --https--cacertcertFile--cacert-passwordcacertPassword--insecure--no-https--tracefilePath--help

Parameters

connectionSpec is one of the following:

(a)
--work-directory workDirectory
The path to the work directory that is used by an independent integration server.
(b)
--external-directory-vault vaultLocation
The path to the directory that contains the external directory vault.
(c)
--admin-host host --port port
Hostname and port of an independent integration server or integration node.
(d)
--integration-connection-file filePath
File containing connection parameters for an independent integration server or integration node.
(e)
--integration-node nodeName
Name of a locally defined integration node.
(f)
--admin-uri URI
The URI of a remote integration server, in the form tcp://[user[:password]@]host:port.

If you want to connect to a secured integration node as a specific user, provide the security credentials as a URI in the following format: tcp://user:password@hostname. If your password contains URI Reserved characters, you must convert these characters to the percent-encoded format. For more information, see A correct URL and password returns error BIP1939 when you attempt to connect to a remote host name in Resolving problems when running commands.

(g)
--admin-uri URI --cacert cacertFile --cacert-password cacertPassword
The URI of a remote integration server, in the form ssl://[user[:password]@]host:port. Optionally followed by options concerning REST communications.

If you want to connect to an integration server over a secure connection, you can use the --cacert parameter to specify the path to a certificate file (in either PEM, P12, or JKS format) and the --cacert-password parameter to specify the password for password-protected cacert files.

If you want to connect to a secured integration node as a specific user, provide the security credentials as a URI in the following format: tcp://user:password@hostname. If your password contains URI Reserved characters, you must convert these characters to the percent-encoded format. For more information, see A correct URL and password returns error BIP1939 when you attempt to connect to a remote host name in Resolving problems when running commands.


--credential-type type
Indicates the type of the credential. Use the command ibmint display credential-types to see the list of credential types. For more information, see ibmint display credential-types command.

For more information about credential types, see Credential types.


--credential-name name
Indicates the name of the credential.

credentialProperties
The properties that are required for each credential vary according to the credential type. To see the list of credential types and their associated properties, run the command ibmint display credential-types--show-auth-types. For more information, see ibmint display credential-types command.

Use one of the following options to access the vault key:

(a)
--vault-key key
Indicates the vault key to be used to access the vault where the credential is stored.
(b)
--external-directory-vault-key key
Indicates the vault key to be used to access the external directory vault where the credential is stored.
(c)
--vaultrc-location directory
Indicates the location of the .mqsivaultrc file.

--auth-type authType
Indicates the authentication type of the credential.
This option can be omitted except when you update a credential to a different authentication type.
When you update a credential to a different authentication type, all properties for the new authentication type must be specified.

--integration-server server
Integration server name.

--https
(Optional) Specifies that HTTPS will be used for the connection to the integration node or server. If neither --https nor --no-https is specified, the connection is tried first with HTTPS and then without using HTTPS if the first attempt fails.
--no-https
(Optional) Specifies that HTTPS will not be used for the connection to the integration node or server. If neither --https nor --no-https is specified, the connection is tried first with HTTPS and then without using HTTPS if the first attempt fails.
--cacert cacertFile
(Optional) Specifies the path to the certificate file (in either PEM, P12, or JKS format) to be used to verify the integration node or server. If no cacert file is specified and default admin-ssl is enabled, the cacert file defaults to the default pem file for admin-ssl.
  • The --cacert parameter is valid only if HTTPS is used for the connection, so it cannot be set together with the --no-https parameter. You can set --cacert when the --https parameter has been set or when neither the --https nor --no-https parameter has been set (in which case SSL is used by default).
  • The --cacert parameter can be set only if the --admin-host parameter is specified, or if the --admin-uri parameter is specified with a URI that starts with ssl://.
--cacert-password cacertPassword
(Optional) The password for password-protected cacert files.
  • The --cacert-password parameter is valid only if HTTPS is used for the connection and if the --cacert parameter has been set. You cannot set it together with the --no-https parameter.
  • The --cacert-password parameter can be set only if the --admin-host parameter is specified, or if the --admin-uri parameter is specified with a URI that starts with ssl://.
--insecure
(Optional) Specifies that the certificate that is returned by the integration node or server will not be verified.
  • The --insecure parameter is valid only if HTTPS is used for the connection, so it cannot be set together with the --no-https parameter. You can set --insecure when the --https parameter has been set or when neither the --https nor --no-https parameter has been set (in which case SSL is used by default).
  • The --insecure parameter can be set only if the --admin-host parameter is specified, or if the --admin-uri parameter is specified with a URI that starts with ssl://.
--trace filePath
Send verbose internal trace to the specified file.
--help
Use this parameter to display help about the command.

Examples

Set a credential for an external directory vault:
ibmint set credential --external-directory-vault C:\Users\myUser\IBM\ACET13\workspace_4409\TEST_EXT_DIR_VAULT --external-directory-vault-key myvaultkey --credential-type gitlab --credential-name GitLab1 --access-token accessToken
Set a credential for an independent integration server:
ibmint set credential --work-directory C:\Users\myUser\IBM\ACET13\workspace_4409\TEST_SERVER --vault-key myvaultkey --credential-type gitlab --credential-name GitLab1 --access-token accessToken
Set a credential for an integration node:
ibmint set credential --integration-node node1 --vault-key myvaultkey --integration-server server1 --credential-type gitlab --credential-name GitLab2 --access-token accessToken