automate vault creation
How to automate the creation of a password vault on Jboss eap 6.4.14?
The idea is to create a script that defines a standalone Jboss instance. Multiple standalone instances will be supported sharing a common Jboss eap installation. The script will define a ready to use instance so with a:
vault
ldap connection (using ssl/tls) for admin users
keystore
truststore
With eap 6.4.14 I noticed that a vault will only be created by setting an attribute/sec_attribute pair. The output is an xml string. It will be much more convenient to have the output as a cli command. does anyone already some scripts for this and is willing to share them?
Responses
Hi Paul,
Changing the output to a CLI command is on the radar for the JBoss EAP 7.x stream: https://issues.jboss.org/browse/JBEAP-5220
You could use a script to programatically convert the XML to a CLI command. The CLI command you would want is:
/core-service=vault:add( \
vault-options=[ \
("KEYSTORE_URL" => "PATH_TO_KEYSTORE"), \
("KEYSTORE_PASSWORD" => "MASKED_PASSWORD"), \
("KEYSTORE_ALIAS" => "ALIAS"), \
("SALT" => "SALT"), \
("ITERATION_COUNT" => "ITERATION_COUNT"), \
("ENC_FILE_DIR" => "ENC_FILE_DIR")])
See the JBoss EAP 'How To Configure Server Security' guide for more info on the CLI command to configure JBoss EAP to use the vault: https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/html-single/how_to_configure_server_security/#three_configure_red_hat_jboss_enterprise_application_platform_6_to_use_the_password_vault
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
