Encrypt Passwords using Red Hat CodeReady Workspaces

How to run the z/OS® Connect Designer container within your Red Hat CodeReady Workspaces to encrypt a password.

Before you begin

zosConnect-3.0 Applies to zosConnect-3.0.

Containers Applies to z/OS Connect container deployments.

The following tasks must be completed.

  1. Downloading the z/OS Connect Designer image.
  2. Setting up Db2 native REST services.
  3. Fork the z/OS Connect Designer Db2 sample project.
  4. Creating the Db2 tutorial workspace in Red Hat CodeReady Workspaces.

About this task

Important: Ensure your Red Hat CodeReady Workspaces is running before following these steps.

Procedure

  1. Open a terminal in the running z/OS Connect Designer container.
    1. Click My Workspace.
      Figure 1. The My Workspace button
      Screen capture to show the location of the My Workspace button.

      This opens the right navigation that contains information about the running containers that make up your workspace.

    2. Click New terminal in the zosconnect drop down menu.
      Figure 2. The New terminal button
      Screen capture to show the location of the New terminal button in the disconnect drop down menu.

      This reveals a terminal from the zosconnect container.

      Within the running z/OS Connect Designer container we have access to the securityUtility feature. Using this we can encrypt the password within the workspace.

  2. Enter the following command within the terminal ensuring that you replace <mypassword> with your own password: 
    securityUtility encode <mypassword> --encoding=aes
    Figure 3. Entering the command to encrypt the password
    Screen capture to show where to enter the command in the zosconnect terminal to encrypt the password.

    An example of the encrypted password looks something like this:

    {aes}APu1HaGpBzYbH+g8xVbuqUgJPz1ydNS9VbpAq1hsFdGt
  3. Copy the encrypted password output from the terminal.
    Figure 4. Encrypted password output
    Screen capture to show the output of the encrypted password to the zosconnect terminal.
  4. Click Stop Workspace.

    Updates to the devfile.yaml will take effect only when the workspace is restarted. To do this, we need to stop the running workspace.

    Figure 5. Stopping the workspace
    Screen capture to show how to stop the workspace using the stop workspace menu from the Recent Workspaces / Stop Workspace menu option.
  5. Update the DB2_PASSWORD variable in the devfile.yaml.

    Navigate to your workspace tab and update the DB2_PASSWORD environment variables with the output from Step 3.

    Figure 6. Updating the DB2_PASSWORD variable
    Screen capture to show updating the DB2_PASSWORD variable in the devfile.yaml.
    Figure 7. Updated DB2_PASSWORD variable with output
    Screen capture to show the updated DB2_PASSWORD variable with output in the devfile.yaml.
  6. Click the workspace name to start it.

    This restarts with the updated password.

    Screen capture to show Red Hat CodeReady Workspaces starting the sample-db2-api workspace
  7. Verify that the environment variables have successfully been passed to the workspace.

    Click My Workspace to reveal the env directory shown under the zosconnect drop down. Within are the environment variables that are defined in your devfile.yaml.

    Figure 8. Viewing environmental variables
    Screen capture to show viewing the environmental variables within the My Workspace: Workspaces / env/.

Results

You have successfully encrypted a password using the running z/OS Connect Designer container in Red Hat CodeReady Workspaces.

What to do next

Configuring your Db2 connection with basic authentication in Red Hat CodeReady Workspaces.