Initializing help system before first use

Encrypting Sensitive Application Properties

You can encrypt passwords and other sensitive values that are specified in the application properties of the Insight server and worker.
By encrypting a configuration value, you can avoid storing sensitive information in plaintext. For example, an unencrypted configuration property might look like this: 
 insight.server.persistence.mysql.password=plain-text-password
The same property, after encryption, cannot be read unless it is decrypted using the configuration key: 
insight.server.persistence.mysql.password=ENC( bQTcy1mi3dbU7jDLraaDvJ5P08TXQQkIw6lWcmKX2RpGLVeL )

You can encrypt application properties for either the server or the worker. To encrypt an application property:

  1. Create a configuration key by generating a random 48-character string.
  2. In the root directory for the configuration you are using, edit the .env file.
  3. Find the following line: 
    INSIGHT_CONFIGURATION_KEY=insightdocker

    Replace insightdocker with your new configuration key.

  4. With the Insight containers running, use the docker ps command to find the container ID of the Insight sever or worker.
  5. Use the following command to open a Bash shell inside the container: 
    docker exec -it container_id bash
    where container_id is the container ID.
  6. Run one of the following commands:
    • Server: java -jar server/webapp.jar --encrypt
    • Worker: java -jar webapp.jar --encrypt
  7. When prompted for the encryption key, enter the 48-character configuration key you specified in the .env file.
  8. When prompted for the property value, enter the plaintext property value you want to encrypt.
  9. Copy the provided encrypted property value.
    This is a string in the following form: 
    ENC(encrypted_value)
    Make sure you include the ENC tag and the opening and closing parentheses.
  10. Exit Bash.
  11. In the directory for the configuration you are using, edit the properties file that contains the property you are encrypting (such as server-config\override.properties or the worker-config\override.properties.
  12. Replace the plaintext property value with the encrypted string you copied.
    Make sure the ENC(...) wrapper is included to indicatethat the text is encrypted.
  13. Restart the container.
Parent Topic Configuration and Administration

© 2001-2025 Fair Isaac Corporation. All rights reserved. This documentation is the property of Fair Isaac Corporation (“FICO”). Receipt or possession of this documentation does not convey rights to disclose, reproduce, make derivative works, use, or allow others to use it except solely for internal evaluation purposes to determine whether to purchase a license to the software described in this documentation, or as otherwise set forth in a written software license agreement between you and FICO (or a FICO affiliate). Use of this documentation and the software described in it must conform strictly to the foregoing permitted uses, and no other use is permitted.