Watch4Net/SRM Suite :How to encrypt the APG database password
Article ID: 333403
Updated On:
Products
VMware
Issue/Introduction
Symptoms:
Watch4Net/SRM Suite 6.3::How to encrypt the APG database password
This is a draft work in progress doc, will update with correct procedure once done
Ran the crypted password (created with crypt-password.sh) from opt/APG/bin
Changed the APG user password in the following xml files with encrypted password:
Portal server:
APG/Web-Servers/Tomcat/Default/conf/server.xml
APG/Tools/Frontend-Search/Default/conf/frontend-search.xml
APG/Web-Servers/Tomcat/Default/conf/Catalina/localhost/alerting-frontend.xml
Backend server:
APG/Backends/APG-Backend/Default/conf/mysql.xml
APG/Tools/Topology/Default/conf/topology-refresh-config.xml
APG/Tools/MySQL-Maintenance-Tool/Default/conf/mysql-root-apg.xml
APG/Tools/MySQL-Maintenance-Tool/Default/conf/mysql-root-mysql.xml
APG/Tools/MySQL-Maintenance-Tool/Default/conf/mysql.xml
Stopped the services
MySQL login:
mysql-client.sh
username = root
database = mysql
password = watch4net
use mysql;
UPDATE mysql.user SET password=password('encryptedpassword') WHERE User='apg';
flush privileges;
grant all privileges on *.* to 'apg'@PBE' identified by '{ENCRYPTEDPASSWORD}';
/opt/APG/Databases/MySQL/Default/bin # ./mysql --host=PBE --port=53306 --user=apg --password={ENCRYPTEDPASSWORD}
This should log you into mysql
If any issues take a look at catalina log for todays date within programfiles/APG/Web-Servers/Tomcat/Default/logs
Ie you may need to grant priveleges to other hosts
restart services
Watch4Net/SRM Suite 6.3::How to encrypt the APG database password
This is a draft work in progress doc, will update with correct procedure once done
Ran the crypted password (created with crypt-password.sh) from opt/APG/bin
Changed the APG user password in the following xml files with encrypted password:
Portal server:
APG/Web-Servers/Tomcat/Default/conf/server.xml
APG/Tools/Frontend-Search/Default/conf/frontend-search.xml
APG/Web-Servers/Tomcat/Default/conf/Catalina/localhost/alerting-frontend.xml
Backend server:
APG/Backends/APG-Backend/Default/conf/mysql.xml
APG/Tools/Topology/Default/conf/topology-refresh-config.xml
APG/Tools/MySQL-Maintenance-Tool/Default/conf/mysql-root-apg.xml
APG/Tools/MySQL-Maintenance-Tool/Default/conf/mysql-root-mysql.xml
APG/Tools/MySQL-Maintenance-Tool/Default/conf/mysql.xml
Stopped the services
MySQL login:
mysql-client.sh
username = root
database = mysql
password = watch4net
use mysql;
UPDATE mysql.user SET password=password('encryptedpassword') WHERE User='apg';
flush privileges;
grant all privileges on *.* to 'apg'@PBE' identified by '{ENCRYPTEDPASSWORD}';
/opt/APG/Databases/MySQL/Default/bin # ./mysql --host=PBE --port=53306 --user=apg --password={ENCRYPTEDPASSWORD}
This should log you into mysql
If any issues take a look at catalina log for todays date within programfiles/APG/Web-Servers/Tomcat/Default/logs
Ie you may need to grant priveleges to other hosts
restart services
Environment
VMware Smart Assurance - Watch4Net/M&R
Cause
need for encrypted security password for watch4net db
Resolution
In server.xml on frontend host within /opt/APG/Web-Servers/Tomcat/Default/conf you have 2 choices
1)Either you enter the clear-text password
2)or you use crypt-password against the clear text (and not the encrypted db password)
Option 2 is only available with APG 6.4 or ViPR SRM 3.5
1. add the following in opt/APG/Web-Servers/Tomcat/Default/conf/unix-service.properties
jvm.param.<N>=-Djavax.sql.DataSource.Factory=com.watch4net.apg.v2.gui.tomcat.W4NDataSourceFactory
(replace N accordingly)
2. Issue a 'service install' to kick it into effect
# /opt/APG/bin/manage-modules.sh service install/update tomcat
If it's pre 6.4, only option is to leave it in clear text in server.xml.
1)Either you enter the clear-text password
2)or you use crypt-password against the clear text (and not the encrypted db password)
Option 2 is only available with APG 6.4 or ViPR SRM 3.5
1. add the following in opt/APG/Web-Servers/Tomcat/Default/conf/unix-service.properties
jvm.param.<N>=-Djavax.sql.DataSource.Factory=com.watch4net.apg.v2.gui.tomcat.W4NDataSourceFactory
(replace N accordingly)
2. Issue a 'service install' to kick it into effect
# /opt/APG/bin/manage-modules.sh service install/update tomcat
If it's pre 6.4, only option is to leave it in clear text in server.xml.
Feedback
Yes
No
Powered by
