IBM RegTech Ideas Portal

 Welcome!

 

Our team welcomes any feedback and suggestions you have for improving our offerings. This forum allows us to connect your product improvement ideas with IBM product and engineering teams.

 

For product documentation, see Knowledge Center.
Create and View Support Cases and Use the Discussion Forum here

 

Reminder: This is not the place to submit defects or support needs, please use normal support channel for these cases

 

The shorter URL for this site is:   http://ibm.biz/WFS-Ideas

IBMers, please visit the WFSS Internal Ideas portal https://ibm.biz/WFS-Internal-Ideas

 

note: The IBM ICM IDEAS Portal is no longer available at this location. If you have reached this page, please look for a new link in the Varicent Administrator. Direct links are found under the "?" in the upper right corner.
A period of transition is likely to impact this service, while ICM becomes Varicent. Please contact Varicent support if you have additional challenges or concerns.

Hardcoded Encryption Key in OpenPages

Hardcoded Encryption Key is being used in OpenPages. As checked with IBM support team, here is the information:

"For LDAP authentication, the aurora_auth.config is configured and it stores the LDAP "security.search.user.credentials". The password in aurora_auth.config file will be encrypted via AES 256 algorithm when
the OpenPages server starts. We have been using the default key which is packaged with the OpenPages product until OP 72 FP1."

However, according to the latest update from IBM support:
"I got confirmation from developers that the custom encrypted keystore did not make the 7.3 release, which is why I couldn't find it mentioned in the documentation."

In this case, would you please enhance the product to include this feature.
  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Mar 29 2019
  • Shipped
Component Other
Priority High - Critical