Configuring a Proxy Connection Using an Encrypted Password

When you configure a proxy server for Code Insight using an encrypted password (as described in Configuring the Proxy Server Connection Using an Unencrypted Password), the password is stored in plain text in the catalina.sh or .bat file used to start up the proxy. If the storage of the plain-text password is not acceptable at your site, you have the option to store the proxy password as an encrypted string in a secure vault (which is configured using a Tomcat Vault utility shipped with Code Insight). Then, when the proxy server is launched, Tomcat can access the vault to retrieve the encrypted password.

Use the following steps to first configure the vault, store the encrypted password, and then configure Code Insight to use the encrypted password in its connection with the proxy server. You will need to perform this configuration process on the instance hosting the Core Server and repeat it on each separate instance hosting a Scan Server.

• Step 1: Enable Tomcat Vault for Use by Tomcat

• Step 2: Create the Java Keystore for the Vault

• Step 3: Initialize the Password Vault

• Step 4: Store the Proxy Password in the Vault

• Step 5: Use the Stored Proxy Password in Your Tomcat Configuration