• Home
• org.infinispan
• infinispan-cli-client-jakarta
• 14.0.30.Final
• source code
• credentials.adoc

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

help.credentials.adoc Maven / Gradle / Ivy

 CREDENTIALS(1)
==============
:doctype: manpage


NAME
----
credentials - manages keystores that contain ${infinispan.brand.name} Server credentials


SYNOPSIS
--------
*credentials ls*

*credentials add* 'alias'

*credentials remove* 'alias'

*credentials mask* -i iterations -s salt secret


DESCRIPTION
-----------
List, create, and remove credentials inside a keystore and mask keystore passwords.
By default, commands manage the `credentials.pfx` keystore in the server configuration directory.


SYNOPSIS
--------
*credentials ls*::
Lists credential aliases stored in the keystore.

Add a credential

*credentials add* 'alias'::
Adds an alias and corresponding credential to the keystore.

Remove a credential

*credentials remove* 'alias'::
Deletes an alias and corresponding credential from the keystore.

*credentials mask* -i iterations -s salt 'secret'::
Obscure the keystore password with a mask for additional security.


OPTIONS
-------
*-h, --help*::
Prints command help.

*-s, --server-root*='path-to-server-root'::
Specifies the path to the server root directory. Defaults to `server`.

*--path*='credentials.pfx'::
Specifies the path to the credential keystore. Defaults to the server configuration directory, `server/conf`.

*-p, --password*='password'::
Specifies a password for the credential keystore.

*-t, --type*='PKCS12'::
Specifies the type of keystore that contains credentials. Supported types are `PKCS12` or `JCEKS`. Defaults to `PKCS12`.


CREDENTIALS ADD OPTIONS
-----------------------
*-c, --credential*='credential'::
Specifies the credential to store.


CREDENTIALS MASK OPTIONS
------------------------
*-i, --iteration*='n'::
Sets the number of iterations.

*-s, --salt*='salt'::
Sets the salt and must be of length 8.


EXAMPLES
--------
`credentials add dbpassword -c changeme -p "secret1234!"` +
Creates a new default credential keystore, if does not already exist, and adds an alias of "dbpassword" for a password of "changeme".
This command also sets "secret1234!" as the password for the credential keystore, which must match the password in the server configuration:
 ``

`credentials ls -p "secret1234!"` +
Lists all aliases in the default credential keystore.

`credentials add ldappassword -t JCEKS -p "secret1234!"` +
Creates a credential keystore in JCEKS format and adds an alias "ldappassword".
This command prompts you to specify the password that corresponds to the alias.

`credentials mask "secret1234!" -i 100 -s pepper99`
Creates a masked representation of the credential "secret1234!" using 100 iterations using the string `pepper99` as salt.