ECN-AW137 Additional encryption for obfuscated URLs

Product: AcuToWeb

Module: AcuToWeb

Machines Affected: all


A new configuration option, ENABLE_RSA_ENC, enables additional encryption to be applied to obfuscated URLs. By enabling this option, important information such as alias, user, and password is encrypted using a 2048-bit RSA key before the base64 encoding is applied as part of the obfuscation.

When ENABLE_RSA_ENC is enabled (that is, set to 1), a 2048-bit RSA key (crytRSA.pem) is generated when the gateway is started. You must ensure that this key remains in the AcuToWeb sub-directory of your product installation directory in order to correctly apply the encryption when you click Make URL when the Obfuscate Param option is selected.

By default, this functionality is disabled.