Skip to main content
Version: Early Access

Store Encrypted Passwords in Deploy

This topic describes how Digital.ai Deploy provides a mechanism to automatically encrypt passwords, allowing you to reference them without storing third-party passwords in plain text in configuration files.

To declare a new third-party password:

  1. Add the password to the XL_DEPLOY_SERVER_HOME/conf/deployit.conf file:

    third.party.password=value
    note

    Any secrets in the configuration file that have the password or secret suffix will be encrypted.

  2. Restart Deploy. The password will automatically be encrypted in the deployit.conf file.

     third.party.password={aes\:v0}vEWwVYoSXqKXW+1Zro5u4KwFiMfsQJ0TJBeTsmtXgv8\=

  3. Use the password in Spring configuration files.

    For example, if you declare ldap.xldeploy.password in the deployit.conf file, then you can use it in the XL_DEPLOY_SERVER_HOME/conf/deployit-security.xml file:

    <bean id="ldapServer" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <property name="password" value="${ldap.xldeploy.password}"/>
        ...
    </bean>