Preparing for password encryption

For enhanced security, BMC Helix IT Operations Management (BMC Helix ITOM) uses encrypted passwords for deployment. After you download the product files from the BMC Electronic Product Distribution (EPD), you can prepare for password encryption.

To prepare for password encryption

Go to the commons/certs directory and open the secrets.txt file.
Important
Use only the new secrets.txt file to set the passwords:
- For a fresh installation, use the secrets.txt file that you downloaded along with the deployment manager.
  See Downloading-the-deployment-manager.
- If upgrading the system, use the secrets.txt file in your new working directory (new_working_directory).
Do not copy the older version of the secrets.txt file because it is incompatible with the newer version. However, we recommend that you refer to the older version of the secrets.txt file to understand the syntax and to get the values that you had set previously.
Add the following passwords to this file and then save it:
Best practice
The secrets.txt file is deleted after installation. You will need the values set in the secrets.txt file for future upgrades. Hence, save the secrets.txt in a secure location. The [confluence_table-plus] macro is a standalone macro and it cannot be used inline. Click on this message for details.
This macro generates standalone content. As a consequence you need to make sure to use a syntax that separates your macro from the content before and after it so that it's on a line by itself. For example in XWiki Syntax 2.0+ this means having 2 newline characters (a.k.a line breaks) separating your macro from the content before and after it.
Important
Make sure you provide all passwords of the applications that you want to deploy in the secrets.txt file. If you fail to add any password in the secrets.txt file, the deployment fails with the following error:

Sample secrets.txt file

# cat commons/certs/secrets.txt
#Please put the passwords in this file
IMAGE_REGISTRY_PASSWORD=password123
SMTP_PASSWORD=test123
SMART_SYSTEM_PASSWORD=password123
PG_PASSWD=pGTest2020
KIBANA_PASSWORD=kibana123
MINIO_ACCESS_KEY=admin
MINIO_SECRET_KEY=admin123
# ES_JKS_PASSWORD is required only when you are using Custom CA certificate, else keep value as ES_JKS_PASSWORD=""
ES_JKS_PASSWORD=test012

################## End OF THE FILE ####################

(Optional) To change the default login passwords

You can find the default login passwords for BMC Helix Single Sign-on(HSSO) and ElasticSearch in the default. password file.

To modify the default password, follow these steps:

Go to commons/certs/default/
Open the default.password file
To change the default HSSO login password, change the values of the following parameters:
- RSSO_NEW_PASSWORD
- RSSO_PASSWORD
- LOCAL_PASSWORD

Important

Make a note of the password that you set.

Where to go from here

Configuration-file-settings