If you're sending passwords via deployment apps, they generally need to be stored in plaintext on the Deployment Server. If this isn't acceptable in your environment, you'll probably end up with a wo...
See more...
If you're sending passwords via deployment apps, they generally need to be stored in plaintext on the Deployment Server. If this isn't acceptable in your environment, you'll probably end up with a work-around. Use the REST API Remotely Are you able to access the HF remotely over port 8089 after the HF has been deployed? If so, the REST API method could still work. Instead of using 'localhost' as your hostname: curl -k -u admin:changeme \
https://hf.mydomain.com:8089/servicesNS/nobody/search/storage/passwords \
-d name=my_realm:my_api_key \
-d password=actual_api_token Pre-Encrypt the Secret Instead of copying the splunk.secret to a Docker container, encrypt the secret locally on the HF. If you have shell access, you can run something like: read creds && $SPLUNK_HOME/bin/splunk show-encrypted --value "${creds}" This will generate an encrypted version of $creds that is decryptable by that server's splunk.secret file. Put the string in the appropriate place in passwords.conf. Alternately, after obtaining the encrypted string, you could insert it into the deployment app on the DS, and leave it there in encrypted form (assuming, as mentioned above, you only need the credential on this one HF). Then the DS can push the entire app, encrypted password included, to the HF.