{"id":11760,"date":"2016-12-21T08:11:31","date_gmt":"2016-12-21T08:11:31","guid":{"rendered":"https:\/\/ephesoft.com\/docs\/?p=11760"},"modified":"2020-05-19T12:24:21","modified_gmt":"2020-05-19T19:24:21","slug":"how-to-encrypt-passwords-in-ephesoft-files","status":"publish","type":"docs","link":"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/","title":{"rendered":"How to Encrypt Passwords in Ephesoft files"},"content":{"rendered":"

Brief Description:<\/strong><\/p>\n

This tutorial deals with the steps on how to encrypt the plain text passwords in the Ephesoft files to increase security of the application.<\/p>\n

 <\/p>\n

Note:<\/strong><\/p>\n

    \n
  1. We manually have to replace the plain text passwords in the Ephesoft configuration files with the Encrypted password that gets generated with the Password Encryption Utility.<\/li>\n
  2. The passwords can be encrypted in server.xml file(database passwords & LDAP \/ AD connection password), dcma-ftp properties file, user-connectivity file, etl-properties file under dcma-reporting, as well as the applicationContext-security.xml file (if using SAML SSO).<\/li>\n
  3. Username’s can also be encrypted in a similar way.<\/li>\n
  4. The encryption mechanism is similar for almost all the version, this tutorial largely focuses on the ephesoft versions above 4060 for both Windows & Linux Environment.<\/li>\n<\/ol>\n

     <\/p>\n

    Components<\/strong><\/p>\n

    Security, Encryption & Decryption<\/p>\n

     <\/p>\n

    Steps to Encrypt the passwords:<\/strong><\/p>\n

      \n
    1. Run the Encryptor.sh \/ Encryptor.bat (Ephesoft\\Application\\native\\encryption<\/em>) \u00a0where it will ask for plain text password and will convert it into encrypted text. Just make a note of all the encrypted passwords in a text file that needs to be replaced with the plain text in the configuration\u00a0files.<\/li>\n
    2. The location where you will need to change the plain text password is server.xml, user-connectivity(dcma-user-connectivity), etl-properties(dcma-reporting), ftp.properties(dcma-ftp) file.<\/li>\n
    3. Open the dcma-encryption.properties file (Ephesoft\\Application\\WEB-INF\\classes\\META-INF\\dcma-encryption) and set the value for\u00a0password.use_encryption &\u00a0password.encrypt to true.<\/li>\n
    4. If using LDAP & AD password Encryption in\u00a0server.xml\u00a0<\/strong>
      \na. Add a comment to\u00a0<Realm className=\u201dorg.apache.catalina.realm.UserDatabaseRealm\u201d resourceName=\u201dUserDatabase\u201d\/>
      \nb. In the realm settings change the value in the Realm Class name from org.apache.catalina.realm.JNDIRealm \u00a0to\u00a0 <Realm className=\u201dcom.ephesoft.realm.EphesoftRealm\u201c\/>
      \nc. Use the encrypted password generated for\u00a0connectionPassword\u00a0property when you configure AD in server.xml file.<\/li>\n
    5. If using Database\u00a0Password encryption in server.xml
      \n<\/strong>\u00a0a. Change the factory attribute in the Resource tag to \u201ccom.zaxxer.hikari.encryption.EncryptedHikariJNDIFactory\u201d and provide the encrypted password in the datasource.password attribute that was generated.
      \nNote<\/strong>:\u00a0To ensure successful DB connection, all Oracle DB passwords in server.xml have to be enclosed in quotes (e.g. dataSource.password=”&quot;Passw0rd&quot;”). When using Encryptor, make sure to provide only the password, without the double quotes (e.g. Passw0rd).<\/li>\n
    6. Along with these changes, make sure to change the password parameter in dcma-ftp since by default we use *(asterik) in password property which may cause an error and if not using ftp also you can use any encrypted password over here.<\/li>\n
    7. Make a final username and password change in etl-variables.properties file (Ephesoft\\Application\\WEB-INF\\classes\\META-INF\\dcma-reporting). Note that here it is important to encrypt both ephesoft.loginusername and ephesoft.loginpassword.<\/li>\n
    8. Once all these plain text passwords are replaced you can go ahead and restart the service.<\/li>\n<\/ol>\n

       <\/p>\n

      <\/a><\/a>Steps to enable LDAP\/AD password Encryption<\/h3>\n

      There are two files in which changes need to be done for the password encryption<\/p>\n

        \n
      • server.xml <\/strong>and<\/li>\n
      • dcma-encyption.properties <\/strong>available<\/li>\n<\/ul>\n

        The files are present at following location<\/p>\n

          \n
        • Ephesoft\\JavaAppServer\\conf\\server.xml<\/strong><\/li>\n
        • Ephesoft\\Application\\WEB-INF\\classes\\META-INF\\dcma-user-connectivity\\user-connectivity.properties<\/strong><\/li>\n<\/ul>\n

           <\/p>\n

          To enable password encryption for LDAP and AD following changes are needed.<\/p>\n

            \n
          1. Change the className<\/strong> attribute in the <Realm \u2026 ><\/strong> tag in the server.xml
            \nBy default the className attribute in the server.xml has the following value:
            \n<Realm className=”org.apache.catalina.realm.JNDIRealm<\/strong>“\/>
            \nChange the value to the following:
            \n<Realm className=”com.ephesoft.realm.EphesoftRealm<\/strong>“\/><\/li>\n
          2. Use an encrypted password for the connectionPassword <\/strong>attribute in the <Realm \u2026 ><\/strong> tag in the server.xml
            \n<Realm className=”com.ephesoft.realm.EphesoftRealm<\/strong>” connectionPassword = “<\/strong>mzoanUU1UD0rc1PvexuAKw==”<\/strong>\/><\/li>\n
          3. Turn on the password.use_encryption <\/strong>property present in the dcma-encyption.properties <\/strong>available at :
            \nEphesoft\\Application\\WEB-INF\\classes\\META-INF\\dcma-encryption.password.use_encryption=true<\/li>\n
          4. Use an encrypted password for the user.connectivity_password <\/strong>property in the dcma-userconnectivity.properties.\u00a0<\/strong>user.connectivity_password=”<\/strong>mzoanUU1UD0rc1PvexuAKw==”<\/strong><\/li>\n
          5. Comment out this line using <!– before and –> after this line in the server.xml: <Realm className=”org.apache.catalina.realm.UserDatabaseRealm” resourceName=”UserDatabase”\/><\/strong> but be sure not to comment out the <\/Realm> on the next line as that closes a previous realm and not this one.<\/li>\n<\/ol>\n

            Password Encryption:<\/h3>\n

            To encrypt the passwords the Encryptor.bat <\/strong>needs to be used available at the following location:<\/p>\n

              \n
            • {Ephesoft-Installation-Directory}\\Application\\native\\encryption\\Encryptor.bat<\/li>\n<\/ul>\n

              On running the above .bat file, and it will ask for the password string that need to be encrypted.<\/p>\n

              \"C:\\Users\\jatinderjindal\\Desktop\\Password_Enc_1.PNG\"<\/p>\n

              The password string needs to be entered here and on pressing \u201cEnter\u201d the encrypted password is returned.<\/p>\n

              \"C:\\Users\\jatinderjindal\\Desktop\\Password_Enc_2.PNG\"<\/p>\n

              NOTE: The encryption algorithm and cipher strength being used by encryptor.bat from Ephesoft is PBEWithMD5AndDES (56 bits).<\/p>\n","protected":false},"featured_media":0,"parent":22092,"menu_order":6,"comment_status":"closed","ping_status":"closed","template":"","doc_tag":[],"yoast_head":"\nHow to Encrypt Passwords in Ephesoft files | Ephesoft Docs<\/title>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Encrypt Passwords in Ephesoft files\" \/>\n<meta property=\"og:description\" content=\"Brief Description: This tutorial deals with the steps on how to encrypt the plain text passwords in the Ephesoft files […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/\" \/>\n<meta property=\"og:site_name\" content=\"Ephesoft Docs\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-19T19:24:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/ephesoft.com\/docs\/wp-content\/uploads\/2016\/03\/word-image115.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/\",\"url\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/\",\"name\":\"How to Encrypt Passwords in Ephesoft files | Ephesoft Docs\",\"isPartOf\":{\"@id\":\"https:\/\/ephesoft.com\/docs\/#website\"},\"datePublished\":\"2016-12-21T08:11:31+00:00\",\"dateModified\":\"2020-05-19T19:24:21+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/ephesoft.com\/docs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Transact\",\"item\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"System Configuration\",\"item\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Security Configuration\",\"item\":\"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"How to Encrypt Passwords in Ephesoft files\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ephesoft.com\/docs\/#website\",\"url\":\"https:\/\/ephesoft.com\/docs\/\",\"name\":\"Ephesoft Docs\",\"description\":\"Intelligent Document Processing Made Easy\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/ephesoft.com\/docs\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to Encrypt Passwords in Ephesoft files | Ephesoft Docs","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"How to Encrypt Passwords in Ephesoft files","og_description":"Brief Description: This tutorial deals with the steps on how to encrypt the plain text passwords in the Ephesoft files […]","og_url":"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/","og_site_name":"Ephesoft Docs","article_modified_time":"2020-05-19T19:24:21+00:00","og_image":[{"url":"https:\/\/ephesoft.com\/docs\/wp-content\/uploads\/2016\/03\/word-image115.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/","url":"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/","name":"How to Encrypt Passwords in Ephesoft files | Ephesoft Docs","isPartOf":{"@id":"https:\/\/ephesoft.com\/docs\/#website"},"datePublished":"2016-12-21T08:11:31+00:00","dateModified":"2020-05-19T19:24:21+00:00","breadcrumb":{"@id":"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/how-to-encrypt-passwords-in-ephesoft-files\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/ephesoft.com\/docs\/"},{"@type":"ListItem","position":2,"name":"Transact","item":"https:\/\/ephesoft.com\/docs\/products\/transact\/"},{"@type":"ListItem","position":3,"name":"System Configuration","item":"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/"},{"@type":"ListItem","position":4,"name":"Security Configuration","item":"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/"},{"@type":"ListItem","position":5,"name":"How to Encrypt Passwords in Ephesoft files"}]},{"@type":"WebSite","@id":"https:\/\/ephesoft.com\/docs\/#website","url":"https:\/\/ephesoft.com\/docs\/","name":"Ephesoft Docs","description":"Intelligent Document Processing Made Easy","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ephesoft.com\/docs\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"comment_count":0,"_links":{"self":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/docs\/11760"}],"collection":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/types\/docs"}],"replies":[{"embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/comments?post=11760"}],"version-history":[{"count":0,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/docs\/11760\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/docs\/22092"}],"next":[{"title":"Apache Server SSL setup with Ephesoft Transact on Linux","link":"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/apache-server-ssl-setup-with-ephesoft-on-linux\/","href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/docs\/11950"}],"prev":[{"title":"LDAP\/AD Password Encryption","link":"https:\/\/ephesoft.com\/docs\/products\/transact\/configurations\/security-configuration\/ldapad-password-encryption\/","href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/docs\/9017"}],"wp:attachment":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/media?parent=11760"}],"wp:term":[{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/doc_tag?post=11760"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}