Encryption of properties files

Overview

Tools such as the database purge utility or the usage report tool (URT), are needed to encrypt sensitive data such as database user account and password credentials within properties files.

To facilitate this task, an encryption utility that can encrypt a properties file by using the triple DES encryption algorithm is available. The encrypted file can then be decrypted by the URT or purge tool, while the sensitive data remains inaccessible to third parties.

Typically, a dedicated properties file is used in addition to a main properties file, and used to store database connection credentials and security settings. The main properties file is used to store the properties specific to the utility in question. The properties file containing the database connection credentials and security settings must be encrypted, while the main properties file can optionally be encrypted, depending on the security requirements of the user.

Usage

The encryption tool is located in the install_directory\ftm\v409\tools\encryption\ directory.

To run it, place the properties file that is to be encrypted into the same directory. Then, from a command console, run the encryption JAR and pass the name of the properties file as an argument.
Note: The file encryption and decryption functions that contained within this tool are sensitive to the version of Java™ that is used at run time. The file decryption and database connection encryption functions that are contained within the URT and purge tools are also sensitive to the version of Java that is used at run time. To avoid incompatibility issues, use the same IBM® provided version of Java to run each tool, such as the one that comes with IBM App Connect Enterprise. For example, in a Windows environment and depending on where IBM App Connect Enterprise is installed, the command to run the encryption tool in this manner looks similar to the following command "C:\Program Files\IBM\MQSI\9.0.0.6\jre17\bin\java" -jar encrypt.jar properties.file.

In this example, an encrypted file that is named properties.file.en3 is generated from a plain text file named properties.file. The original non-encrypted file persists, so consider removing it after the encrypted version was created successfully.