Encrypting Configuration Files with CA XCOM for Windows.

Document ID : KB000009719
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

Using the encryption utility, XCOMENCR you can encrypt specified parameters, including USERID and PASSWORD, in existing configuration files. An encrypted configuration file is used just like a non-encrypted configuration file. The XCOMENCR utility does not encrypt SSL configuration files.

Background:

XCOMENCR can encrypt all parameters in a configuration file. It supports parameter values up to 31 characters in an existing configuration file. If a parameter value is greater than 31 characters, only the first 31 characters will be encrypted and a comment line indicating this will be placed in the configuration file above the encrypted parameter. Null parameter values will not be encrypted. If you open an encrypted configuration file with a text editor, you will not be able to see the values of the encrypted parameters.

Instructions:

How to Encrypt Parameters

  1. Using a text editor, open the configuration file you want to encrypt, create a blank line above each parameter you want to encrypt, and type in the following for each:
    #!ENCRYPT
    Note: Any information on the line after #!ENCRYPT will be ignored.

  2. Save the configuration file as an edit file.

  3. Run the XCOMENCR utility to do the actual encryption: Type the following and press ENTER:

    [RUN] XCOMENCR input_file output_file
    Note: input_file is the configuration file you saved in step 2.

    XCOMENCR will encrypt the parameter value on the line following each #!ENCRYPT statement. Intervening comment lines are ignored.

Changing a Value That is Already Encrypted

To change an encrypted value that is already specified, you must delete all text after the parameter name and give it a new value.

Example If the line you want to change is:

PASSWORD.ENCRYPTED= 12 0F 36 79 65 AB D0 37 ...

you have to delete:

.ENCRYPTED= 12 0F 36 79 65 AB D0 37 ...

Then type in an equal sign and the new parameter value, replacing NEWVALUE with your desired value, as follows:

PASSWORD= NEWVALUE

Then save the file as an edit file and run XCOMENCR.

Additional Information:

SeeĀ Encrypt Parameter Values in Configuration Files in our online documentation.