Encrypting secrets stored in the Talend JobServer configuration file
You can enable encryption of password properties in the Talend JobServer configuration file.
By default, this encryption feature is disabled. To enable it, do the following.
Procedure
Results
On start of Talend JobServer, this setting will cause the following passwords to be encrypted using the Base64 encoded secret in property aes.key inside <root>\conf\aeskey.dat:
- org.talend.jmxmp.ssl.keyStorePassword
- org.talend.jmxmp.ssl.trustStorePassword
- org.talend.remote.server.ssl.keyStorePassword
- org.talend.remote.server.ssl.trustStorePassword
To modify the location or name of the key file by setting the encryption.keys.file system property in the Talend JobServer start script start_rs.bat.
Information noteImportant: For Talend ESB,
you need to set org.talend.remote.jobserver.encrypt=true in
<KARAF_HOME>\etc\org.talend.remote.jobserver.server.cfg
and store your secret inside <KARAF_HOME>\etc\aeskey.dat.
To modify location or the name of the key file, set the
encryption.keys.file system property in the start script
trun.bat