...
The Secure Properties key store can store any value, while it prevents sensitive credentials from being stored as plain text on disk.
...
The Actions and Examples table shows how you can work with the secure properties and provides examples.
Actions and Examples | |||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||||||||||||||
| Code Block |
|---|
$ acli system -a setSecureProperty --name my-jira.token --secret
Enter secure properties password: <password prompt>
Value for key 'my-jira.token' set in secure properties file. |
clearSecureProperties
This action clears the entire secure properties key store file. To ensure that a value is not accidentally removed, you are prompted for confirmation. If you add the --force parameter, the secure property file is removed without confirmation.
To complete the action, you are prompted to insert the key store password.
| Note |
|---|
If you have forgotten the password, you must manually rename or delete the key store file (named We recommend renaming the file (rather than deleting it) if there’s any chance you might later remember the password and still need the contents of the file. |
Example: Clear all Secure Properties
| Code Block | ||
|---|---|---|
| ||
$ acli system -a clearSecureProperties
Enter secure properties password: <password prompt>
Enter CONFIRM to permanently clear all secure properties (CANNOT be undone): CONFIRM
Secure properties cleared. |
getSecureProperty
This action retrieves a secure property from the key store. By default, it only indicates whether the named entry exists in the key store. To retrieve the property value as well, use: --outputFormat 2.
Example: Get Secure Property
| Code Block | ||
|---|---|---|
| ||
$ acli system -a getSecureProperty --name foo
Enter secure properties password: <password prompt>
Secure property 'foo' exists in the secure properties file. |
Example: Get Secure Property with value
| Code Block | ||
|---|---|---|
| ||
$ acli system -a getSecureProperty --name foo --outputFormat 2
Enter secure properties password: <password prompt>
Value of secure property 'foo': bar |
importSecureProperties
This action allows you to import secure properties from another key store file to your default key store. To do so, you need the password for both the source and destination key stores.
OPTIONS
Use the
--replaceparameter to avoid being asked to confirm overwriting properties during import.Use the
--includeand--excludeparameters to filter the properties being imported.
Note that each of the imported properties, take a regular expression value that is evaluated against the list of keys in the source key store.
| Note |
|---|
This can be useful for sharing selected secure properties, just ensure to not store or transmit the key store password with the key store file! |
The following examples assume that both .acli.keystore and import.keystore contain entries for the keys foo and bar.
Example: Import Secure Properties
| Code Block | ||
|---|---|---|
| ||
$ acli system -a importSecureProperties -f import.keystore
Enter secure properties password: <destination password prompt>
Enter inbound secure properties password: <source password prompt>
Imported 0 secure properties.
Ignored: buz,foo. Use --replace to overwrite existing values. |
Example: Import select Secure Properties (via inclusion) with replacement
| Code Block | ||
|---|---|---|
| ||
$ acli system -a importSecureProperties -f import.keystore --include '(?i)^F' --replace
Enter secure properties password: <destination password prompt>
Enter inbound secure properties password: <source password prompt>
Imported 1 secure property: foo. |
removeSecureProperty
This action removes a secure property from the key store. To ensure that a value is not accidentally removed, you are prompted for confirmation.
If you add the --force parameter, the secure property is removed without confirmation.
If after this operation the key store is empty, it is automatically removed.
Example: Remove a Secure Property
| Code Block | ||
|---|---|---|
| ||
$ acli system -a removeSecureProperty --name my-jira.token
Enter secure properties password: <password prompt>
Enter CONFIRM to permanently remove the secure property 'my-jira.token': CONFIRM
Removed value for key 'my-jira.token' from secure properties file. |
Example: Force remove a Secure Property (with deletion of empty key store)
| Code Block |
|---|
$ acli system -a removeSecureProperty --name my-jira.token --force
Enter secure properties password: <password prompt>
Removed value for key 'my-jira.token' from secure properties file.
Deleted empty keystore file. |
exportSecureProperties
This action allows you to export secure properties from your default key store to another key store file. To do so, you need the password for both the source and destination key stores.
OPTIONS
Use the
--replaceparameter to avoid being asked to confirm overwriting properties during export.Use the
--includeand--excludeparameters to filter the properties being exported.
Note that each of the exported properties, take a regular expression value that is evaluated against the list of keys in the source key store.
The following examples assumes that both .acli.keystore and import.keystore contain entries for the keys foo and bar.
Example: Export select Secure Properties (via exclusion) with replacement
| Code Block | ||
|---|---|---|
| ||
$ acli system -a exportSecureProperties -f export.keystore --exclude '(?i)^F' --replace
Enter secure properties password: <source password prompt>
Enter outbound secure properties password: <destination password prompt>
Exported 1 secure property: buz. |
getSecurePropertyList
This action returns all secure properties from the key store. To retrieve the list of property values as well, use: --outputFormat 2.
Example: Get Secure Property list
| Code Block | ||
|---|---|---|
| ||
$ acli system -a getSecurePropertyList
Enter secure properties password:<password prompt>
2 secure properties in list
"Name"
"buz"
"foo" |
Example: Get Secure Property list with values
| Code Block | ||
|---|---|---|
| ||
$ acli system -a getSecurePropertyList --outputFormat 2
Enter secure properties password:<password prompt>
2 secure properties in list
"Name","Value"
"buz","qux"
"foo","bar" |
Locating your Secure Properties key store
Your key store is normally located in your home directory and is named .acli.keystore. ACLI displays the file path as part of the detailed getClientInfo output (if it exists).
Example: Display key store file path
| Code Block |
|---|
$ acli -a getClientInfo --outputFormat 2
Enter secure properties password:<password prompt>
Client information
Client name . . . . . . . . . : cli
Client version . . . . . . . : 11.0.0
...
Secure properties . . . . . . :
File . . . . . . . . . . . : /Users/me/.acli.keystore |