cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Abhi.Bajaj
AppDynamics Team

How to Encrypt and Secure Your Machine Agent AccessKey

Encryption and securing your credentials are of utmost importance now.

The Machine Agent lets you configure the encryption of your AccessKey. Let's go through the steps.  

1. Navigate to <Ma-Home> directory and Let's create a keyStore with below command:

 

jre/bin/java -jar lib/secure-credential-store-tool-1.3.23.jar generate_ks -filename '/opt/appdynamics/secretKeyStore' -storepass 'MyCredentialStorePassword'

 

This will create the keyStore for you.
The output should look like:

 

Successfully created and initialized new KeyStore file: /opt/appdynamics/secretKeyStore

 

2. Let's create a password to access this keyStore:

 

jre/bin/java -jar lib/secure-credential-store-tool-1.3.23.jar obfuscate -plaintext 'MyCredentialStorePassword'

 

The output should look like:

 

s_-001-12-oRQaGjKDTRs=xxxxxxxxxxxxx=

 

3. Encrypt your AccessKey:

 

jre/bin/java -jar lib/secure-credential-store-tool-1.3.23.jar encrypt -filename /opt/appdynamics/secretKeyStore -storepass 'MyCredentialStorePassword' -plaintext 'xxxxxx'

 

The output should look like:

 

-001-24-mEZsR+xxxxxxxxx==xxxxxxxxxxxx==

 

Great, now let's edit <MA-Home>/conf/controller-info.xml file and edit the accessKey while also adding a few more parameters for the encryption

 

<account-access-key>-001-24-mEZsR+nrScSXlewlZbTQgg==xxxxxxxxx==</account-access-key>
<credential-store-password>s_-001-12-xxxxxxx=xxxxxx=</credential-store-password>
<credential-store-filename>/opt/appdynamics/secretKeyStore</credential-store-filename>
<use-encrypted-credentials>true</use-encrypted-credentials>

 

Great work! You can deploy your Machine Agent now!

Version history
Last update:
‎10-08-2024 09:46 AM
Updated by:
Join Us On December 10
Learn how Splunk and AppDynamics are redefining observability


Register Now!

Observe and Explore
Dive into our Community Blog for the Latest Insights and Updates!


Read the blog here