You can enable encryption of password properties in the Talend JobServer configuration file.
By default, this encryption feature is disabled. To enable it, do the following.
Procedure
Results
On start of Talend JobServer, this setting will cause the following passwords to be
encrypted using the Base64 encoded secret in property aes.key
inside <root>/conf/aeskey.dat:
-
org.talend.jmxmp.ssl.keyStorePassword
-
org.talend.jmxmp.ssl.trustStorePassword
-
org.talend.remote.server.ssl.keyStorePassword
-
org.talend.remote.server.ssl.trustStorePassword
To modify the location and name of the key file, set the
encryption.keys.file
system property in the Talend JobServer
start script start_rs.sh.
Note: For Talend ESB,
you need to set
org.talend.remote.jobserver.encrypt=true
in
<KARAF_HOME>/etc/org.talend.remote.jobserver.server.cfg
and store your secret inside <KARAF_HOME>/etc/aeskey.dat.
To modify location and the name of the key file, set the
encryption.keys.file
system property in the start script
trun.