{"type":"doc","content":[{"type":"heading","attrs":{"level":2},"content":[{"type":"emoji","attrs":{"id":"1f914","text":"🤔","shortName":":thinking:"}},{"text":" Description","type":"text"}]},{"type":"paragraph","content":[{"text":"To ensure a higher level of credential security that may be required in specific industries, ACLI 11.0 introduces the Secure Properties functionality.","type":"text"}]},{"type":"paragraph","content":[{"text":"Secure Properties ","type":"text"},{"text":"augments","type":"text","marks":[{"type":"annotation","attrs":{"annotationType":"inlineComment","id":"ce9d8d9f-f3c4-48b5-961a-247c1f43d057"}}]},{"text":" the ","type":"text"},{"text":"acli.properties","type":"text","marks":[{"type":"code"}]},{"text":" file, mitigating any breach of security that could occur if the ACLI configuration files were to escape your system.","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"type":"emoji","attrs":{"id":"1f331","text":"🌱","shortName":":seedling:"}},{"text":" Solution","type":"text"}]},{"type":"paragraph","content":[{"text":"The Secure Properties in ACLI 11.0 provides a key-store-based credential storage solution using password based encryption (PBE). The specific key store format is the UBER format, provided by the excellent ","type":"text"},{"text":"Bouncy Castle","type":"text","marks":[{"type":"link","attrs":{"href":"https://www.bouncycastle.org/java.html"}}]},{"text":" cryptography library for Java.","type":"text"}]},{"type":"paragraph","content":[{"text":"The Secure Properties key store can store any value, while it prevents sensitive credentials from being stored as plain text on disk.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"The use of Secure Properties is ","type":"text"},{"text":"optional","type":"text","marks":[{"type":"em"}]},{"text":".","type":"text"}]},{"type":"paragraph","content":[{"text":"Once you have configured the use of Secure Properties, ACLI will require the password before executing any actions. The password can be ","type":"text"},{"text":"provided","type":"text","marks":[{"type":"link","attrs":{"href":"https://appfire.atlassian.net/wiki/spaces/SUPPORT/pages/349962465/How+to+use+Secure+Properties#Unlocking-the-key-store"}}]},{"text":" interactively each time ACLI is run, or via an environment variable.","type":"text"}]}]},{"type":"panel","attrs":{"panelType":"note"},"content":[{"type":"paragraph","content":[{"text":"The ACLI Shell can create Secure Properties entries as part of its guided site configuration functionality, which can be launched using the slash-command, ","type":"text"},{"text":"/sites add","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"If you forget the password to a Secure Properties key store, the only solution is to manually rename or delete the file (we recommend renaming if there’s any hope you will later remember the password).","type":"text"}]},{"type":"paragraph","content":[{"text":"The key store file is named ","type":"text"},{"text":".acli.keystore","type":"text","marks":[{"type":"code"}]},{"text":" and can be found in your user home directory.","type":"text"}]},{"type":"paragraph","content":[{"text":"Appfire support cannot recover data stored in these files if you forget your password!","type":"text","marks":[{"type":"em"}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Working with Secure Properties","type":"text"}]},{"type":"paragraph","content":[{"text":"Secure Properties adds actions for creating, updating, reading, and deleting values in an encrypted key store. This key store can then act as a source of variable values that can be referenced in ","type":"text"},{"text":"acli.properties","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]},{"type":"paragraph","content":[{"text":"Prior to the introduction of secure properties, resolution of variables in the ","type":"text"},{"text":"acli.properties","type":"text","marks":[{"type":"code"}]},{"text":" configuration file included a search of these locations:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"other properties defined in ","type":"text"},{"text":"acli.properties","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Java system properties","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"runtime environment variables","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"The Secure Properties key store adds a 4th location from which variables may be resolved. By default, this location is only consulted for values if the variable name contains the ","type":"text"},{"text":"secret:","type":"text","marks":[{"type":"code"}]},{"text":" prefix.","type":"text"}]},{"type":"paragraph","content":[{"text":"Using Secure Properties consists of three main steps:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Creating a key store","type":"text","marks":[{"type":"link","attrs":{"href":"https://appfire.atlassian.net/wiki/spaces/SUPPORT/pages/349962465/How+to+use+Secure+Properties#Creating-a-key-store"}}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Referencing secrets in the acli.properties file","type":"text","marks":[{"type":"link","attrs":{"href":"https://appfire.atlassian.net/wiki/spaces/SUPPORT/pages/349962465/How+to+use+Secure+Properties#Referencing-secrets-in-acli.properties"}}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Unlocking the key store","type":"text","marks":[{"type":"annotation","attrs":{"annotationType":"inlineComment","id":"782cbdb7-7913-4662-a001-a9396a1ffe92"}},{"type":"link","attrs":{"href":"https://appfire.atlassian.net/wiki/spaces/SUPPORT/pages/349962465/How+to+use+Secure+Properties#Unlocking-the-key-store"}}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Creating a key store","type":"text"}]},{"type":"paragraph","content":[{"text":"When you create the key store file (named ","type":"text"},{"text":".acli.keystore","type":"text","marks":[{"type":"code"}]},{"text":"), it can be found in your home directory. ","type":"text"},{"type":"hardBreak"},{"text":"Each ACLI user on a given system has their own such file. Note that on a multi-user system, each user is required to maintain their own ACLI installation.","type":"text"}]},{"type":"paragraph","content":[{"text":"The key store file path can be overridden to point to an alternative location through the use of the environment variable ","type":"text"},{"text":"ACLI_SECURE_PROPERTIES","type":"text","marks":[{"type":"code"}]},{"text":". This can be useful if you need to work with multiple key stores or multiple installations of ACLI.","type":"text"}]},{"type":"paragraph","content":[{"text":"When a secure property is first added, ACLI:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"First prompts for the value of the secret to be stored.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Prompts for the new key store file password (with confirmation).","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"To create your key store, run the action ","type":"text"},{"text":"setSecureProperty","type":"text","marks":[{"type":"code"}]},{"text":", as shown in the example:","type":"text"}]},{"type":"codeBlock","attrs":{"language":"none"},"content":[{"text":"$ acli system setSecureProperty --name my.secret --secret -\nEnter secure value: \nSecure properties file does not yet exist. Creating...\nEnter new secure properties password: \nConfirm secure properties password: \nSecure properties file created.\nValue for key 'foo' set in secure properties file.","type":"text"}]},{"type":"panel","attrs":{"panelType":"note"},"content":[{"type":"paragraph","content":[{"text":"The value for the ","type":"text"},{"text":"--secret","type":"text","marks":[{"type":"code"}]},{"text":" parameter, provided in the example, is ","type":"text"},{"text":"-","type":"text","marks":[{"type":"code"}]},{"text":" The value set to ","type":"text"},{"text":"-","type":"text","marks":[{"type":"code"}]},{"text":" indicates that the value should be obtained via an interactive prompt (or read from ","type":"text"},{"text":"stdin","type":"text","marks":[{"type":"code"}]},{"text":" if not connected to a tty). ","type":"text"}]},{"type":"paragraph","content":[{"text":"We strongly recommend that you use this method to provide sensitive values to avoid them being accidentally recorded in your shell history, where they could end up existing in plain text anyway!","type":"text"}]}]},{"type":"paragraph"},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"The key store requires a non-blank password. Once created, do not forget the password!","type":"text"}]},{"type":"paragraph","content":[{"text":"Key store passwords cannot be recovered by ACLI support.","type":"text","marks":[{"type":"em"}]}]},{"type":"paragraph","content":[{"text":"If your password is ever compromised, you should consider the contents of the key store to also be compromised and rotate any secrets it contains accordingly.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Referencing secrets in ","type":"text"},{"text":"acli.properties","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"When in use, the key store file can be used to provide values to ","type":"text"},{"text":"acli.properties","type":"text","marks":[{"type":"code"}]},{"text":"by way of substitution variables similar to the current method of referring to environment variables or other properties (i.e., using ","type":"text"},{"text":"${my.variable}","type":"text","marks":[{"type":"code"}]},{"text":" syntax). ","type":"text"}]},{"type":"paragraph","content":[{"text":"The syntax for referring to key store values is a variation of the syntax of the form ","type":"text"},{"text":"${secret:my.secret}","type":"text","marks":[{"type":"code"}]},{"text":" (note the addition of the ","type":"text"},{"text":"secret:","type":"text","marks":[{"type":"code"}]},{"text":" prefix).","type":"text"}]},{"type":"panel","attrs":{"panelType":"note"},"content":[{"type":"paragraph","content":[{"text":"Because the key store is password-protected, the ","type":"text"},{"text":"secret:","type":"text","marks":[{"type":"code"}]},{"text":" prefix allows you to only consult the key store for the Secure Properties key variables. To disable this requirement, set the environment variable ","type":"text"},{"text":"ACLI_SECURE_PROPERTIES_SAFE_MODE=false","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]},{"type":"paragraph","content":[{"text":"When disabled, the key store is consulted for variable names that are not found in the ","type":"text"},{"text":"acli.properties","type":"text","marks":[{"type":"code"}]},{"text":" file or the environment, this may result in an interactive prompt requesting to supply a password!","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Unlocking the key store","type":"text"}]},{"type":"paragraph","content":[{"text":"When the ACLI configuration refers to secure property values (i.e., using ","type":"text"},{"text":"${secret:...}","type":"text","marks":[{"type":"code"}]},{"text":" style variables in ","type":"text"},{"text":"acli.properties","type":"text","marks":[{"type":"code"}]},{"text":"), each time that you run an ACLI command (including starting the ACLI Shell), you are prompted to unlock the key store.","type":"text"}]},{"type":"paragraph","content":[{"text":"Normally, this means that ACLI prompts you for your key store password before it continues (or reads it from ","type":"text"},{"text":"stdin","type":"text","marks":[{"type":"code"}]},{"text":" when not connected to a tty). To short-circuit the prompting behavior, set the environment variable ","type":"text"},{"text":"ACLI_SECURE_PROPERTIES_PASSWORD","type":"text","marks":[{"type":"code"}]},{"text":" with your password as a value.","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Setting your key store password as an environment variable may or may not be appropriate, depending on your risk tolerance. Doing so is a convenience that comes at a cost of reduced security. ","type":"text"}]},{"type":"paragraph","content":[{"text":"Advantage","type":"text","marks":[{"type":"strong"}]},{"text":":","type":"text"},{"type":"hardBreak"},{"text":"If your key store file escapes your system, it is strongly encrypted.","type":"text"}]},{"type":"paragraph","content":[{"text":"Disadvantage","type":"text","marks":[{"type":"strong"}]},{"text":":","type":"text"},{"type":"hardBreak"},{"text":"Storing your key store password as an environment variable may allow a sophisticated attack to compromise your key store.","type":"text"}]},{"type":"paragraph","content":[{"text":"Whether you decide this is an acceptable risk is entirely at your discretion, and depends on considerations on the threat modeling that you and your organization use. ","type":"text"}]},{"type":"paragraph","content":[{"text":"Use this method at your own risk.","type":"text","marks":[{"type":"em"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Actions","type":"text"}]},{"type":"paragraph","content":[{"text":"Use ACLI actions, part of the ACLI ","type":"text"},{"text":"system","type":"text","marks":[{"type":"code"}]},{"text":" client, to create, update, read, and delete key-value pairs stored in the Secure Properties key store.","type":"text"}]},{"type":"paragraph","content":[{"text":"To use a secure property in ","type":"text"},{"text":"acli.properties","type":"text","marks":[{"type":"code"}]},{"text":", follow the example as illustrated here:","type":"text"}]},{"type":"codeBlock","attrs":{"language":"none"},"marks":[{"type":"breakout","attrs":{"mode":"wide"}}],"content":[{"text":"my-jira = jiracloud -s https://myjira.atlassian.net -u me@example.com -t ${secret:my-jira.token}","type":"text"}]},{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"Actions and Examples","type":"text","marks":[{"type":"strong"}]},{"text":" table shows how you can work with the secure properties and provides examples.","type":"text"}]},{"type":"table","attrs":{"layout":"full-width","width":1800.0,"localId":"6d658edc-6594-4222-bc23-654b9a354f39"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":2,"rowspan":1,"colwidth":[783.0,781.0]},"content":[{"type":"paragraph","content":[{"text":" ","type":"text"},{"text":"Actions and Examples","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[783.0]},"content":[{"type":"heading","attrs":{"level":4},"content":[{"text":"setSecureProperty","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"This action sets or overwrites a secure property in the key store. If a property name already exists, you are prompted to confirm that you wish to overwrite the value. Use ","type":"text"},{"text":"--replace","type":"text","marks":[{"type":"code"}]},{"text":" to skip the confirmation prompt.","type":"text"}]},{"type":"paragraph","content":[{"text":"Example: Set Secure Property","type":"text","marks":[{"type":"strong"}]}]},{"type":"codeBlock","content":[{"text":"$ acli system -a setSecureProperty --name my-jira.token --secret\nEnter secure properties password: \nValue for key 'my-jira.token' set in secure properties file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[781.0]},"content":[{"type":"heading","attrs":{"level":4},"content":[{"text":"clearSecureProperties","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"This action clears the entire secure properties key store file. To ensure that a value is not accidentally removed, you are prompted for confirmation. If you add the ","type":"text"},{"text":"--force","type":"text","marks":[{"type":"code"}]},{"text":" parameter, the secure property file is removed without confirmation. ","type":"text"},{"type":"hardBreak"},{"text":"To complete the action, you are prompted to insert the key store password.","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"If you have forgotten the password, you must manually rename or delete the key store file (named ","type":"text"},{"text":".acli.keystore","type":"text","marks":[{"type":"code"}]},{"text":") in your home directory.","type":"text"}]},{"type":"paragraph","content":[{"text":"We recommend ","type":"text"},{"text":"renaming","type":"text","marks":[{"type":"em"}]},{"text":" the file (rather than deleting it) if there’s any chance you might later remember the password and still need the contents of the file.","type":"text"}]}]},{"type":"paragraph","content":[{"text":"Example: Clear all Secure Properties","type":"text","marks":[{"type":"strong"}]}]},{"type":"codeBlock","attrs":{"language":"none"},"content":[{"text":"$ acli system -a clearSecureProperties\nEnter secure properties password: \nEnter CONFIRM to permanently clear all secure properties (CANNOT be undone): CONFIRM\nSecure properties cleared.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[783.0]},"content":[{"type":"heading","attrs":{"level":4},"content":[{"text":"getSecureProperty","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"This action retrieves a secure property from the key store. By default, it only indicates whether the named entry exists in the key store. To retrieve the property value as well, use: ","type":"text"},{"text":"--outputFormat 2","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]},{"type":"paragraph","content":[{"text":"Example: Get Secure Property","type":"text","marks":[{"type":"strong"}]}]},{"type":"codeBlock","attrs":{"language":"none"},"content":[{"text":"$ acli system -a getSecureProperty --name foo\nEnter secure properties password: \nSecure property 'foo' exists in the secure properties file.","type":"text"}]},{"type":"paragraph","content":[{"text":"Example: Get Secure Property with value","type":"text","marks":[{"type":"strong"}]}]},{"type":"codeBlock","attrs":{"language":"none"},"content":[{"text":"$ acli system -a getSecureProperty --name foo --outputFormat 2\nEnter secure properties password: \nValue of secure property 'foo': bar","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[781.0]},"content":[{"type":"heading","attrs":{"level":4},"content":[{"text":"importSecureProperties","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"This action allows you to import secure properties from another key store file to your default key store. To do so, you need the password for both the source and destination key stores. ","type":"text"},{"type":"hardBreak"},{"text":"OPTIONS","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Use the ","type":"text"},{"text":"--replace","type":"text","marks":[{"type":"code"}]},{"text":" parameter to avoid being asked to confirm overwriting properties during import.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Use the ","type":"text"},{"text":"--include","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"--exclude","type":"text","marks":[{"type":"code"}]},{"text":" parameters to filter the properties being imported.","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Note that each of the imported properties, take a regular expression value that is evaluated against the list of keys in the source key store.","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"This can be useful for sharing selected secure properties, just ensure to not store or transmit the key store password with the key store file!","type":"text"}]}]},{"type":"paragraph","content":[{"text":"The following examples assume that both ","type":"text"},{"text":".acli.keystore","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"import.keystore","type":"text","marks":[{"type":"code"}]},{"text":" contain entries for the keys ","type":"text"},{"text":"foo","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"bar","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]},{"type":"paragraph","content":[{"text":"Example: Import Secure Properties","type":"text","marks":[{"type":"strong"}]}]},{"type":"codeBlock","attrs":{"language":"none"},"content":[{"text":"$ acli system -a importSecureProperties -f import.keystore\nEnter secure properties password: \nEnter inbound secure properties password: \nImported 0 secure properties.\nIgnored: buz,foo. Use --replace to overwrite existing values.","type":"text"}]},{"type":"paragraph","content":[{"text":"Example: Import select Secure Properties (via inclusion) with replacement","type":"text","marks":[{"type":"strong"}]}]},{"type":"codeBlock","attrs":{"language":"none"},"content":[{"text":"$ acli system -a importSecureProperties -f import.keystore --include '(?i)^F' --replace\nEnter secure properties password: \nEnter inbound secure properties password: \nImported 1 secure property: foo.","type":"text"}]},{"type":"paragraph"}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[783.0]},"content":[{"type":"heading","attrs":{"level":4},"content":[{"text":"removeSecureProperty","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"This action removes a secure property from the key store. To ensure that a value is not accidentally removed, you are prompted for confirmation.","type":"text"}]},{"type":"paragraph","content":[{"text":"If you add the ","type":"text"},{"text":"--force","type":"text","marks":[{"type":"code"}]},{"text":" parameter, the secure property is removed without confirmation. ","type":"text"}]},{"type":"paragraph","content":[{"text":"If after this operation the key store is empty, it is automatically removed.","type":"text"}]},{"type":"paragraph","content":[{"text":"Example: Remove a Secure Property","type":"text","marks":[{"type":"strong"}]}]},{"type":"codeBlock","attrs":{"language":"none"},"content":[{"text":"$ acli system -a removeSecureProperty --name my-jira.token\nEnter secure properties password: \nEnter CONFIRM to permanently remove the secure property 'my-jira.token': CONFIRM\nRemoved value for key 'my-jira.token' from secure properties file.","type":"text"}]},{"type":"paragraph","content":[{"text":"Example: Force remove a Secure Property (with deletion of empty key store)","type":"text","marks":[{"type":"strong"}]}]},{"type":"codeBlock","content":[{"text":"$ acli system -a removeSecureProperty --name my-jira.token --force\nEnter secure properties password: \nRemoved value for key 'my-jira.token' from secure properties file.\nDeleted empty keystore file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[781.0]},"content":[{"type":"heading","attrs":{"level":4},"content":[{"text":"exportSecureProperties","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"This action allows you to export secure properties from your default key store to another key store file. To do so, you need the password for both the source and destination key stores.","type":"text"}]},{"type":"paragraph","content":[{"text":"OPTIONS","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Use the ","type":"text"},{"text":"--replace","type":"text","marks":[{"type":"code"}]},{"text":" parameter to avoid being asked to confirm overwriting properties during export.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Use the ","type":"text"},{"text":"--include","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"--exclude","type":"text","marks":[{"type":"code"}]},{"text":" parameters to filter the properties being exported.","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Note that each of the exported properties, take a regular expression value that is evaluated against the list of keys in the source key store.","type":"text"}]},{"type":"paragraph","content":[{"text":"The following examples assumes that both ","type":"text"},{"text":".acli.keystore","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"import.keystore","type":"text","marks":[{"type":"code"}]},{"text":" contain entries for the keys ","type":"text"},{"text":"foo","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"bar","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]},{"type":"paragraph","content":[{"text":"Example: Export select Secure Properties (via exclusion) with replacement","type":"text","marks":[{"type":"strong"}]}]},{"type":"codeBlock","attrs":{"language":"none"},"content":[{"text":"$ acli system -a exportSecureProperties -f export.keystore --exclude '(?i)^F' --replace\nEnter secure properties password: \nEnter outbound secure properties password: \nExported 1 secure property: buz.","type":"text"}]},{"type":"paragraph"}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[783.0]},"content":[{"type":"heading","attrs":{"level":4},"content":[{"text":"getSecurePropertyList","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"This action returns all secure properties from the key store. To retrieve the list of property values as well, use: ","type":"text"},{"text":"--outputFormat 2","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]},{"type":"paragraph","content":[{"text":"Example: Get Secure Property list","type":"text","marks":[{"type":"strong"}]}]},{"type":"codeBlock","attrs":{"language":"none"},"content":[{"text":"$ acli system -a getSecurePropertyList\nEnter secure properties password:\n2 secure properties in list\n\"Name\"\n\"buz\"\n\"foo\"","type":"text"}]},{"type":"paragraph","content":[{"text":"Example: Get Secure Property list with values","type":"text","marks":[{"type":"strong"}]}]},{"type":"codeBlock","attrs":{"language":"none"},"content":[{"text":"$ acli system -a getSecurePropertyList --outputFormat 2\nEnter secure properties password:\n2 secure properties in list\n\"Name\",\"Value\"\n\"buz\",\"qux\"\n\"foo\",\"bar\"","type":"text"}]},{"type":"paragraph"},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[781.0]},"content":[{"type":"paragraph","content":[{"text":"Locating your Secure Properties key store","type":"text","marks":[{"type":"strong"}]}]},{"type":"paragraph","content":[{"text":"Your key store is normally located in your home directory and is named ","type":"text"},{"text":".acli.keystore","type":"text","marks":[{"type":"code"}]},{"text":". ACLI displays the file path as part of the detailed ","type":"text"},{"text":"getClientInfo","type":"text","marks":[{"type":"code"}]},{"text":" output (if it exists).","type":"text"}]},{"type":"paragraph","content":[{"text":"Example: Display key store file path","type":"text","marks":[{"type":"strong"}]}]},{"type":"codeBlock","content":[{"text":"$ acli -a getClientInfo --outputFormat 2\nEnter secure properties password:\nClient information\n\nClient name . . . . . . . . . : cli\nClient version . . . . . . . : 11.0.0\n...\nSecure properties . . . . . . :\n File . . . . . . . . . . . : /Users/me/.acli.keystore","type":"text"}]}]}]}]},{"type":"paragraph"}],"version":1}

Browser not supported