Obfuscate access and secret key - PingIntelligence for APIs

Page created: 12 May 2021 |

Page updated: 1 Nov 2021

| 1 min read

5.0 Capability API Security Advanced API Cybersecurity Linux On-Premises Operating System Hosting Environment PingIntelligence for APIs Product PingCloud Private Tenant Deployment Method

Using the ASE command line interface, obfuscate the access key and secret key in abs.conf. The access key and secret key has been sent to you through the PingIdentity welcome email. ASE ships with a default master key (ase_master.key) which is used to obfuscate other keys and passwords. You can generate your own ase_master.key. For more information, see Obfuscate key and passwords

Note: During the process of obfuscation password, ASE must be stopped. For more information, see Stop ASE.

Obfuscate access and secret keys

Enter the access key and secret key provided to you in clear text in abs.conf. Run the obfuscate_keys command to obfuscate:

  
/opt/pingidentity/ase/bin/cli.sh obfuscate_keys -u admin -p 
  
Please take a backup of config/ase_master.key, config/ase.conf, config/abs.conf, and config/cluster.conf before proceeding

If config keys and passwords are already obfuscated using the current master key, they are not obfuscated again

Following keys will be obfuscated:
config/ase.conf: sender_password, keystore_password
config/abs.conf: access_key, secret_key
config/cluster.conf: cluster_secret_key
    
Do you want to proceed [y/n]:y
obfuscating config/ase.conf, success
obfuscating config/abs.conf, success
obfuscating config/cluster.conf, success

Start ASE after keys are obfuscated. For more information, see Start ASE.

Important: ase_master.key must be present in the /opt/pingidentity/ase/config/ directory for ASE to start.