You're viewing help content for version:

Overview

This feature allows all OSGi configuration properties to be stored in a protected encrypted form instead of clear text. The form in the the Web Console UI is used to create encrypted text from clear text using the system wide encryption master key.

OSGi Configuration Plugin support was added in order to decrypt the property before it is used by a service.

Note:

Services that expect an encrypted value need to use the IsProtected check to see if the value is encrypted before trying to decrypt it, as it may already have been decrypted.

Enabling Encryption Support

These steps show how to encrypt the SMTP password for the Mail service. You can complete these steps for an OSGI property you want encrypted.

  1. Go to the AEM Web Console at http://serveraddress:serverport/system/console/configMgr

  2. In the upper left corner, go to Main - Crypto Support

    chlimage_1
  3. The Adobe Experience Manager Web Console Crypto Support page is displayed.

    screen_shot_2018-08-01at113417am
  4. In the Plain Text field, enter the text of the sensitive data you want to protect.

  5. Select Protect. The Protected text is displayed as encrypted text.

    screen_shot_2018-08-01at113844am
  6. Copy the Protected Text from Step#5 and paste it into OSGI Form value. In this example, the ecrypted SMTP password is added to the Day CQ Mail Service.

    screen_shot_2016-12-18at105809pm
  7. Save the Day CQ Mail Service properties. The SMTP password will now be sent as an encrypted value.

Decryption Support

AEM now provides a Configuration Plugin to decrypt configuration properties. This AEM Plugin will automatically decrypt and retrieve the clear text properties. 

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy