Enabling WAAPI password encryption

You can opt to store WAAPI passwords in the waapi.init file in encrypted format.

About this task

For password encryption for non-SSL and SSL connections, you use AES encryption, while for FIPS 140-2 connections, you use FIPS 140–2 mode encryption. The encryption types, and the tools required to enable them, are as follows:

Non-SSL (HTTP) connections
Passwords can be AES encrypted using the ncw_aes_crypt tool.
SSL (HTTPS) connections
Passwords can be AES encrypted using the ncw_aes_crypt tool.
SSL (HTTPS) connections with FIPS 140–2 enabled
Passwords can be encrypted using the ncw_fips_crypt tool.
WAAPI passwords must be encrypted using the ncw_fips_crypt script in WEBGUI_HOME/waapi/bin. This script uses the vault key in waapi_install_dir/etc/encrypt. If it does not already exist, the vault.key file is automatically generated on the first execution of the script.