Obscured Value Passphrase Provider

Obscured Value Passphrase Provider provide a mechanism for using a passphrase that is stored directly in the configuration. That value will be encrypted, but the encryption will use a hard-coded key, and a determined attacker may be able to obtain the clear-text value, so you should not rely purely on this obfuscation to ensure that the value remains secret.

Parent Component Properties dsconfig Usage

Parent Component

The Obscured Value Passphrase Provider component inherits from the Passphrase Provider

Properties

The properties supported by this managed object are as follows:


Basic Properties: Advanced Properties:
 description  None
 enabled
 obscured-value

Basic Properties

description

Description
A description for this Passphrase Provider
Default Value
None
Allowed Values
A string
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

enabled

Description
Indicates whether this Passphrase Provider is enabled for use in the server.
Default Value
None
Allowed Values
true
false
Multi-Valued
No
Required
Yes
Admin Action Required
None. Modification requires no further action

obscured-value

Description
The value to be stored in an obscured form.
Default Value
None
Allowed Values
A string
Multi-Valued
No
Required
Yes
Admin Action Required
None. Modification requires no further action


dsconfig Usage

To list the configured Passphrase Providers:

dsconfig list-passphrase-providers
     [--property {propertyName}] ...

To view the configuration for an existing Passphrase Provider:

dsconfig get-passphrase-provider-prop
     --provider-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Passphrase Provider:

dsconfig set-passphrase-provider-prop
     --provider-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new Obscured Value Passphrase Provider:

dsconfig create-passphrase-provider
     --provider-name {name}
     --type obscured-value
     --set enabled:{propertyValue}
     --set obscured-value:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing Passphrase Provider:

dsconfig delete-passphrase-provider
     --provider-name {name}