Running the encrypt command

You run the encrypt command in a command window to encrypt text strings. The encrypted and encoded strings can then be used for user credentials in a credentials file for later use. You can also use the command to encrypt any data that you want to encrypt. You can use the provided default encryption provider, or you can set up your own custom encryption provider.

About this task

You run the encrypt command with no parameters or with the text to encrypt as the first and only parameter. The second option is less secure, especially if your shell command history is enabled. When you run the encrypt command with no parameter, you are prompted for a text string, which is hidden from the terminal.

The string that you provide is encrypted with the configured encryption provider, and the encrypted output is displayed in base64-encoded format, prefixed with an alias. You then copy and paste the encoded string–including the alias prefix–to your desired location. The location could be a credentials file or a value for the password parameter in some commands. When the string is decrypted, the alias name is used to determine the type of encryption provider that was used.

When you run the encrypt command, use the full path name. The encrypt command is located in the following locations, depending on which tiers are installed on your computer:

- install_root/InformationServer/ASBNode/bin/encrypt.sh
- install_root/InformationServer/ASBServer/bin/encrypt.sh
- install_root\InformationServer\ASBNode\bin\encrypt.bat
- install_root\InformationServer\ASBServer\bin\encrypt.bat

Procedure

Optional: If you have configured your own custom encryption provider, ensure that you have specified the provider in the appropriate iis.crypto.site.properties file.
You must create the properties file in the conf directory, under the same parent directory as the encrypt command that you will run.
Command location:
install_root\InformationServer\ASBNode\bin\encrypt.bat
Its properties file location:
install_root\InformationServer\ASBNode\conf\iis.crypto.site.properties

Command location:
install_root\InformationServer\ASBServer\bin\encrypt.bat
Its properties file location:
install_root\InformationServer\ASBServer\conf\iis.crypto.site.properties

The contents of the iis.crypto.site.properties file is one entry:
```
iis.crypto.default.provider=class_of_custom_provider
```
Using the full path name, run the encrypt command, with or without the text to be encrypted as a parameter.
If the text contains spaces, enclose it in quotation marks.
- Running the encrypt command with the text provided on the command line:
```
bash$: /opt/IBM/InformationServer/ASBNode/bin/encrypt.sh myPa$$w0rd
bash$: {iisenc}PvqKLr7z3QOLJCQ4QhbrrA==
```
- Running the encrypt command with a prompt to hide the text:
```
bash$: /opt/IBM/InformationServer/ASBNode/bin/encrypt.sh
bash$: Enter the text to encrypt:
bash$: Enter the text again to confirm:
bash$: {iisenc}PvqKLr7z3QOLJCQ4QhbrrA==
```
Copy the encrypted string to a credentials file or as a value to the password parameter for any of the commands that support it.
For example:
- Used in a credentials file:
```
user=dsadm
password={iisenc}PvqKLr7z3QOLJCQ4QhbrrA==
```
- Used on the command line:
```
AppServerAdmin -username isadmin -password {iisenc}YJD9OKOxT2otQvTQFcA1qg==
```