Setting up property value encryption
You can use property value encryption to encrypt string values in a properties file or configuration file so that the strings cannot be read without a key. When the process that uses the properties file or configuration file starts up, the strings are decrypted.
You can use this encryption mechanism in the ObjectServer, proxy server, nco_postmsg, LDAP, probe, and gateway properties files. You can also use this mechanism to encrypt passwords that are stored in process agent configuration files.
The property value encryption mechanism uses the Advanced Encryption Standard (AES), which supports keys of 128, 192, and 256 bits, a command-line key generator (nco_keygen), and an encryption utility (nco_aes_crypt). Cryptographic algorithms are also available for use in FIPS 140–2 and non-FIPS 140–2 mode. The procedure is as follows: