1. home icon for breadcrumbs >
  2. Cloud Agent Proxy Configuration >
  3. Proxy Encryption Utility

Proxy Configuration Encryption Utility

You can use the Proxy Configuration Encryption utility to encrypt the user name and/or password (as needed) that you provide to the proxy environment variable qualys_https_proxy or https_proxy.

The string-util utility is included in the Cloud Agent installation package. You must install or extract the package to access it.

You need to run the string-util utility only once on any system where it is installed. The other systems that have the same credentials automatically encrypt their credentials. It is not required to run the utility on each system running Cloud Agent.

  1. To use the encryption utility, go to /usr/local/qualys/cloud-agent/bin, and export the LD_LIBRARY_PATH variable to /usr/local/qualys/cloud-agent/lib using the following command.
    export LD_LIBRARY_PATH=/usr/local/qualys/cloud-agent/lib
  2. Use the following command to run the utility to encrypt the user name and/or password. If you want to encrypt both, run the utility twice to encrypt each separately.

    To encrypt the user name (use double quotes):
    ./string-util "<user name_to_be_encrypted>"
    For example,
    ./string-util "sys_account"

    To encrypt the password (use double quotes):
    ./string-util "<password_to_be_encrypted>"

    The utility returns the user name or password in encoded format.
    For example, sRpSHQP582a1+gaJwHOm3g==

    You need root privileges to run string-util. If the username or password contains special characters (e.g., @, :, $) they need to be URL-encoded prior to using the utility.

  3. Once you get the encrypted username and password, unset the LD_LIBRARY_PATH variable by using the following command:
    export LD_LIBRARY_PATH=
  4. Provide the encrypted username and password to your proxy environment variable.
    qualys_https_proxy=https://[<#encrypted_username>:<#encrypted_password>@]<host>[:<port>]

    The # delimiter indicates that the username and password are encrypted. Not including the # indicates that the user name and password are in plain text format.

    For example (only encrypting password):
    qualys_https_proxy=https://sys_account:#sRpSHQP582a1+gaJwHOm3g==@proxy.myco.com:8080

    For example (encrypting username and password):
    qualys_https_proxy=https://#uWpsHMSY932b2+fdcH723d==:#sRpSHQP582a1+gaJwHOm3g==@proxy.myco.com:8080

 

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.