Indirect binding only: Encrypting the external LDAP user’s password
Edge for Private Cloud v. 4.16.09
If you are using indirect binding, you need to provide an external LDAP username and password in management-server.properties that Apigee uses to log into the external LDAP and perform the indirect credential search.
Using plain text passwords in config files may be adequate for testing purposes; however, for production environments, encryption is highly recommended.
The following steps explain how to encrypt your password:
- Execute the following Java utility, replacing the <YOUR EXTERNAL LDAP PASSWORD> with your actual external LDAP password:
java -cp /opt/apigee/edge-gateway/lib/thirdparty/*:/opt/apigee/edge-gateway/lib/kernel/*:/opt/apigee/edge-gateway/lib/infra/libraries/* com.apigee.util.CredentialUtil --password="<YOUR EXTERNAL LDAP PASSWORD>"
- In the output of the command, you will see a newline followed by what looks like a random character string. Copy that string.
- Edit /opt/apigee/customer/application/management-server.properties.
- Update the following property, replacing <myAdPassword> with the string you copied from step 2, above.
- Be sure the following property is set to true:
- Save the file.
- Restart the Management Server:
>/opt/apigee/apigee-service/bin/apigee-service edge-management-server restart
- Verify that the server is running:
> /opt/apigee/apigee-service/bin/apigee-all status
Testing the installation
See the testing section at the end of Enabling external authentication , and perform the same test described there.
Help or comments?
- If something's not working: Ask the Apigee Community or see Apigee Support.
- If something's wrong with the docs: Send Docs Feedback
(Incorrect? Unclear? Broken link? Typo?)