Encrypting the shared secret on a client

Passwords exist in the OpenText ScanCentral SAST client configuration file as plain text. You can encrypt the client_auth_token property value.

To encrypt a shared secret on a client:

  1. At the command prompt, run one of the following commands:

    • For an embedded client installed with OpenText SAST, run:

      <sast_install_dir>/bin/pwtool <pwtool_keys_file>

    • For a standalone client, run:

      <client_install_dir>/bin/pwtool <pwtool_keys_file>

  2. When prompted, type the password to encode, and then press Enter.

    The pwtool generates a new key in the file on the specified path or reuses an existing file and prints the encrypted password.

  3. Open the client.properties file in a text editor and update the values for the following properties:

    1. Copy the new encrypted secret, and paste it as the value for the client_auth_token property.

    2. Add the name of your pwtool keys file:

      pwtool_keys_file=<pwtool_keys_file>

  4. Save and close the client.properties file.

See also

Installing clients