Encrypting the administrator password

When creating a local product administrator user for an AppScan® Enterprise Server, you add the administrator user and password to the server.xml file. You can encrypt that password by following the instructions in this topic.

When you edit the server.xml file (by following the instructions in Creating a local product administrator user for an AppScan Enterprise Server that is configured with LDAP or Creating a local product administrator user for an AppScan Enterprise Server that is configured with Windows authentication), you can use the securityUtility tool to encode the password for the administrator user. On Windows™, the tool is located in Liberty\bin in the AppScan Enterprise Server installation directory. On Linux™, the tool is located in Liberty/bin. When you run the securityUtility encode command, you either supply the password to encode as an input from the command line or, if no arguments are specified, the tool prompts you for the password. The tool then outputs the encoded value. For example, to encode a password value of ADMIN, issue the securityUtility encode ADMIN command. this should generate an output value of {xor}HhsSFhE=.

Copy the value that is generated by the tool, and use that value for the password when adding the basicRegistry section to the server.xml file. For example, add this to the file:

<basicRegistry id="basic" realm="customRealm">
  <user name="ADMIN" password="{xor}HhsSFhE=" />
</basicRegistry>