Preparing for password encryption

For enhanced security, BMC Helix IT Operations Management uses encrypted passwords for deployment. After you download the product files from the BMC Electronic Product Distribution (EPD), you can prepare for password encryption.

Related topics

Configuration-file-settings

To prepare for password encryption

  1. Go to the commons/certs directory and open the secrets.txt file.

    Important

    Use only the new secrets.txt file to set the passwords:

    • For a fresh installation, use the secrets.txt file that you downloaded along with the deployment manager.
      See Downloading-the-deployment-manager.
    • For an upgrade, the upgrade configuration utility picks the values from the latest successful deployment of BMC Helix IT Operations Management to configure the secrets.txt files.
      We recommend that you review the       secrets.txt files before starting the upgrade. 

  2. Add the following passwords to this file and then save it:

    Best practice
    The secrets.txt file is deleted after installation. You may save the secrets.txt file in a secure location for future reference.

    Important

    Do not use special characters in the password.

    Important

    Make sure you provide all passwords of the applications that you want to deploy in the secrets.txt file. If you fail to add any password in the secrets.txt file, the deployment fails with the following error:

    password_encry_failure.png

Sample secrets.txt file

# cat commons/certs/secrets.txt
#Please put the passwords in this file
IMAGE_REGISTRY_PASSWORD=password123
SMTP_PASSWORD=test123
SMART_SYSTEM_PASSWORD=password123
PG_PASSWD=pGTest2020
KIBANA_PASSWORD=kibana123
MINIO_ACCESS_KEY=admin
MINIO_SECRET_KEY=admin123
# ES_JKS_PASSWORD is required only when you are using Custom CA certificate, else keep value as ES_JKS_PASSWORD=""
ES_JKS_PASSWORD=test012

################## End OF THE FILE ####################

(Optional) To change the default login passwords

You can find the default login passwords for BMC Helix Single Sign-on(HSSO) and ElasticSearch in the default. password file.

To modify the default password, follow these steps:

  1. Go to commons/certs/default/
  2. Open the default.password file
  3. To change the default HSSO login password, change the values of the following parameters:
    • RSSO_NEW_PASSWORD
    • RSSO_PASSWORD            
    • LOCAL_PASSWORD
  4. To change the default ElasticSearch login password, change the values of the following parameters:
    • ES_USER_PASSWORD

Important

Make a note of the password that you set.

Where to go from here

Configuration-file-settings

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*