PingIntelligence

Change default settings

It is recommended that you change the default key and password in ASE. Following is a list of commands to change the default values:

Change ase_master.key

Run the following command to create your own ASE master key to obfuscate keys and password in ASE.

Command: generate_obfkey. ASE must be stopped before creating a new ase_master.key

/opt/pingidentity/ase/bin/cli.sh generate_obfkey -u admin -p admin
API Security Enforcer is running. Please stop ASE before generating new obfuscation master key

Stop ASE: Stop ASE by running the following command:

/opt/pingidentity/ase/bin/stop.sh -u admin –p admin
checking API Security Enforcer status…sending stop request to ASE. please wait…
API Security Enforcer stopped

Change ase_master.key: Enter the generate_obfkey command to change the default ASE master key:

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin generate_obfkey
Please take a backup of config/ase_master.key, config/ase.conf,
config/abs.conf, config/cluster.conf before proceeding
Warning: Once you create a new obfuscation master key, you should
obfuscate all config keys also using cli.sh obfuscate_keys
Warning: Obfuscation master key file /opt/pingidentity/ase/config/ase_master.key already exist.
This command will delete it create a new key in the same file
Do you want to proceed [y/n]:

Start ASE: After a new ASE master key is generated, start ASE by entering the following command:

/opt/pingidentity/ase/bin/start.sh
Starting API Security Enforcer 4.0...
please see /opt/pingidentity/ase/logs/controller.log for more details

Change keystore password

You can change the keystore password by entering the following command. The default password is asekeystore. ASE must be running for updating the keystore password.

Command: update_keystore_password

/opt/pingidentity/ase/bin/cli.sh update_keystore_password -u admin -p admin
New password >
New password again >
keystore password updated

Change admin password

You can change the default admin password by entering the following command:

/opt/pingidentity/ase/bin/cli.sh update_password -u admin -p
Old password >
New password >
New password again >
Password updated successfully