SSL: Password Obfuscation

Administrators use SSL with their own certificates. According to the documentation, passwords need to be added in plain (readable) text format in the config file called jetty-ssl.xml and jetty-ssl-terminalapi.xml.


A request is to create a possibility to encrypt passwords before they are added to the file.


This is how to obfuscate the password:

  • Open a command prompt.
  • CD to <EOP install dir>
  • Type the following command:
    <strong>jre\bin\java -cp "lib\jetty-6.1.26.jar;lib\jetty-util-6.1.26.jar"</strong><strong>ssword &lt;user-name&gt; &lt;password&gt;</strong>
  • Replace <user-name> with any value, and <password> with the password you want to obfuscate.
  • Now you can copy the resulting 'OBF:xxxxxxxx' value to the XML config file (including OBF: prefix).