PingIntelligence

Changing default settings

It is recommended that you change the default key and password in ASE.

About this task

Below is a list of commands to change the default values:

Changing ase_master.key

Create your own ASE master key to obfuscate keys and password in ASE.

Before you begin

ASE must be stopped before creating a new ase_master.key.

About this task

To create your own ASE master key:

Steps

  1. Run the following command to create your own ASE master key to obfuscate keys and password in ASE: generate_obfkey.

    /opt/pingidentity/ase/bin/cli.sh generate_obfkey -u admin -p admin
API Security Enforcer is running. Please stop ASE before generating new obfuscation master key

  2. Stop ASE by running the following command:

    /opt/pingidentity/ase/bin/stop.sh -u admin –p admin
checking API Security Enforcer status…sending stop request to ASE. please wait…
API Security Enforcer stopped

  3. Enter the generate_obfkey command to change the default ASE master key:

    /opt/pingidentity/ase/bin/cli.sh -u admin -p admin generate_obfkey
Please take a backup of config/ase_master.key, config/ase.conf,
config/abs.conf, config/cluster.conf before proceeding
Warning: Once you create a new obfuscation master key, you should
obfuscate all config keys also using cli.sh obfuscate_keys
Warning: Obfuscation master key file /opt/pingidentity/ase/config/ase_master.key already exist.
This command will delete it create a new key in the same file
Do you want to proceed [y/n]:

  4. After a new ASE master key is generated, start ASE by entering the following command:

    /opt/pingidentity/ase/bin/start.sh
Starting API Security Enforcer 4.0...
please see /opt/pingidentity/ase/logs/controller.log for more details

Changing the key store password

You can change the key store password.

Before you begin

ASE must be running for updating the keystore password.

About this task

To change the key store password:

Steps

  1. Enter the following command: update_keystore_password.

    /opt/pingidentity/ase/bin/cli.sh update_keystore_password -u admin -p admin
New password >
New password again >
keystore password updated

    The default password is asekeystore.

Changing the admin password

You can change the default admin password.

About this task

To change the admin password:

Steps

  1. Enter the following command:

    /opt/pingidentity/ase/bin/cli.sh update_password -u admin -p
Old password >
New password >
New password again >
Password updated successfully