How to Encrypt and Secure Your Machine Agent AccessKey

Encryption and securing your credentials are of utmost importance now.

The Machine Agent lets you configure the encryption of your AccessKey. Let's go through the steps.  

1. Navigate to <Ma-Home> directory and Let's create a keyStore with below command:

jre/bin/java -jar lib/secure-credential-store-tool-1.3.23.jar generate_ks -filename '/opt/appdynamics/secretKeyStore' -storepass 'MyCredentialStorePassword'

This will create the keyStore for you.
The output should look like:

Successfully created and initialized new KeyStore file: /opt/appdynamics/secretKeyStore

2. Let's create a password to access this keyStore:

jre/bin/java -jar lib/secure-credential-store-tool-1.3.23.jar obfuscate -plaintext 'MyCredentialStorePassword'

The output should look like:

s_-001-12-oRQaGjKDTRs=xxxxxxxxxxxxx=

3. Encrypt your AccessKey:

jre/bin/java -jar lib/secure-credential-store-tool-1.3.23.jar encrypt -filename /opt/appdynamics/secretKeyStore -storepass 'MyCredentialStorePassword' -plaintext 'xxxxxx'

The output should look like:

-001-24-mEZsR+xxxxxxxxx==xxxxxxxxxxxx==

Great, now let's edit <MA-Home>/conf/controller-info.xml file and edit the accessKey while also adding a few more parameters for the encryption

<account-access-key>-001-24-mEZsR+nrScSXlewlZbTQgg==xxxxxxxxx==</account-access-key>
<credential-store-password>s_-001-12-xxxxxxx=xxxxxx=</credential-store-password>
<credential-store-filename>/opt/appdynamics/secretKeyStore</credential-store-filename>
<use-encrypted-credentials>true</use-encrypted-credentials>

Great work! You can deploy your Machine Agent now!