Indirect binding only: Encrypting the external LDAP user's password
Edge for Private Cloud v4.18.01
If you are using indirect binding, you need to provide an external LDAP username and password
in management-server.properties
that Apigee uses to log into the external LDAP and perform the indirect credential
search.
The following steps explain how to encrypt your password:
Execute the following Java utility, replacing the <YOUR EXTERNAL LDAP PASSWORD> with
your actual external LDAP password: java -cp
/opt/apigee/edge-gateway/lib/thirdparty/*:/opt/apigee/edge-gateway/lib/kernel/*:/opt/apigee/edge-gateway/lib/infra/libraries/*
com.apigee.util.CredentialUtil --password="<YOUR EXTERNAL LDAP
PASSWORD>"
In the output of the command, you will see a newline followed by what looks like a random
character string. Copy that string.
Update the following property, replacing <myAdPassword> with the string you
copied from step 2, above. conf_security_externalized.authentication.indirect.bind.server.admin.password=<myAdPassword>
Be sure the following property is set to true: conf_security_externalized.authentication.indirect.bind.server.admin.password.encrypted=true
Save the file.
Restart the Management Server: >/opt/apigee/apigee-service/bin/apigee-service
edge-management-server restart
Verify that the server is running: > /opt/apigee/apigee-service/bin/apigee-all
status