We Have Moved
The IBM Application Gateway has a new home - docs.verify.ibm.com/gateway
The documentation on this site will no longer be maintained after v21.02, please update your bookmarks.
Encryption Key
Description
Specifies an encryption key which is used to decrypt the 'ENC:' type entries.
The encryption key is an RSA private key which can be used to decrypt entries which were encrypted using the corresponding RSA public key.
This entry must be a PEM representation of an RSA private key, beginning with '-----BEGIN RSA PRIVATE KEY-----' and ending with '-----END RSA PRIVATE KEY-----'.
Properties
The following table(s) describe the configuration properties for this component:
| Name | Type | Constraints |
|---|---|---|
| enc_key | string |
Example
An RSA key pair can be created with the following commands:
Generate the RSA private key:
openssl genrsa -out private.pem 2048
Generate the corresponding public key:
openssl rsa -pubout -in private.pem -out public.pem
An encrypted entry can be generated with the following command using
the public key:
echo -n "<configuration entry>" | openssl rsautl \
-encrypt -inkey public.pem -pubin | base64
oYpkxULIexyLR2wUl+mz6Nfki8Pd23Fv0buZZxAuh+Cq1A677NTZwmcWcWN9+MBBVJaISNM0uIVd33/n83Awf77Q/LXtjtzsk41Ux690YVsagh75n/BPk7Ca+4txzwB48yOrTKtIRVbNC2H+Rpa/7LMNSc1Zjez9PqNO4WIa323NzKA4y3Cx1h3DTKANrgsJgXDHNWNs/Ar9pPXxSeFNGmgnYRVtEZtN73IAMs8TzNJKNGkBkmr6vdZvlkjI6ebezJS1kawDvaKQ/C5GXdbpoaJE+JYgYsHDEZLpiasn0Ii4yt3HHNKpsX0UUBSIMO3di0brjJPoJFccVPHLDYgPlw==
This encryption key and encrypted entry can be provided in the
configuration YAML:
secrets:
enc_key: "<the RSA private key>"
...
identity:
oidc:
client_secret: "ENC:oYpkxULIexyLR2wUl+mz6Nfki8Pd23Fv0buZZxAuh+Cq1A677NTZwmcWcWN9+MBBVJaISNM0uIVd33/n83Awf77Q/LXtjtzsk41Ux690YVsagh75n/BPk7Ca+4txzwB48yOrTKtIRVbNC2H+Rpa/7LMNSc1Zjez9PqNO4WIa323NzKA4y3Cx1h3DTKANrgsJgXDHNWNs/Ar9pPXxSeFNGmgnYRVtEZtN73IAMs8TzNJKNGkBkmr6vdZvlkjI6ebezJS1kawDvaKQ/C5GXdbpoaJE+JYgYsHDEZLpiasn0Ii4yt3HHNKpsX0UUBSIMO3di0brjJPoJFccVPHLDYgPlw=="