Using the API Security Enforcer (ASE) command-line interface (CLI), you can obfuscate keys and passwords configured in the ase.conf, cluster.conf, and abs.conf files.
When obfuscating a password, you must stop ASE.
Here is the obfuscated data in each file:
- ase.conf – Email and keystore (PKCS#12) password
- cluster.conf – Cluster authentication key
- abs.conf – ABS access and secret key
ASE ships with a default master key (ase_master.key
), which is used to
obfuscate other keys and passwords. You should generate your own
ase_master.key
.
The following diagram summarizes the obfuscation process.