sbcipher
StreamBase — enciphers text or generates cipher keys for use in StreamBase Server configuration files
SYNOPSIS
sbcipher
[[-Jjvm-option
]] {[-k pathToPrivateKeyFile
]} {[-p] || [-c "clear text to encipher"]
}
sbcipher
[[-Jjvm-option
]] {[-h] || [-v]}
sbcipher
[[-Jjvm-option
]] {-g pathToKeyFiles
} {-s KeySize
}
DESCRIPTION
Can be used to encipher passwords, URIs that contain passwords, and other parameter text values in the <data-sources>
and <operator-parameters>
sections of the StreamBase Server configuration file. Three elements of the configuration file accept the enciphered="true"
attribute: <param>
and <uri>
in the <data-sources>
section, and <operator-parameter>
.
In StreamBase Studio, open a StreamBase command prompt and issue the sbcipher command. Copy the terminal output and paste it in the relevant element of a configuration file.
A common key pair is embedded in clear text in the sbcipher command and in StreamBase Server. By default, sbcipher -c and sbcipher -p use the private key of that embedded common key pair. Specify -k
with -c
to designate a separate private key generated in advance with -g
.
sbcipher -g can be optionally used to create unique client-server key pairs that can be subsequently used by the sbcipher command and supplied to StreamBase Server by means of the streambase.security.key-file
Java property.
OPTIONS
-c
,"clear text to encipher"
--cipher
"clear text to encipher"
-
Enciphers the argument, and prints the results on stdout. To prevent the input text from being recorded in the session history, use
-p
instead of-c
. -p
,--prompt
-
Prompts for plain text to encipher and prints the results on stdout. A more secure alternative to
-c
. Do not enter text as a command argument. You can also pipe the plain text from stdin. -g
,pathToKeyFiles
--generate
pathToKeyFiles
-
Generates a client-server key pair and writes the files to the path specified, using the basename of the last element of the path as the basename of the keys. The client key is generated with the name
, while the server key is generated asbasename
.sbcipher
.basename
.server -h
,--help
-
Displays usage information, then exits.
-J
jvm-option
-
Specifies a system property setting or other JVM argument to be passed to the JVM running the enciphering process. Use this option to specify temporary settings that affect only the current invocation of sbcipher. You must specify multiple
-J
options to specify multiple JVM arguments.There must be no space after the
-J
. For example, specify-J-Xmx2G
. Use the full option syntax forjvm-option
that you would use at the Java command line, including the initial hyphen. For example, specify-J-Dstreambase.log-level=2
to increase the log level for this invocation of sbcipher.Your
jvm-option
argument might require surrounding quotes, depending on the characters it contains and the shell you are using. However, do not use quotes to escape the spaces between separate JVM arguments; instead use separate-J
options. For example:-J-Xms512M -J-Xmx2G
- -k
pathToPrivateKeyFile
, --keypathToPrivateKeyFile
-
Specify a
file generated withbasename
.server-g
as the private key to use when enciphering a string with-c
. -s
,KeySize
--size
KeySize
-
Specifies the desired bit size for the keys generated with
-g
. Valid values for
are 512, 1024, 2048, and 4096.KeySize
-v
,--version
-
Displays the version of the command.