Proxy Configuration Encryption Utility

You can use the Proxy Configuration Encryption utility to encrypt the username and/or password (as needed) that you provide to the proxy environment variable qualys_https_proxy or https_proxy.

The string-util utility is included in the Cloud Agent installation package. Install or extract the Cloud Agent installation package to get this utility.

When you use the string-util utility to encrypt the credentials, the encrypted values are applied on all the agent hosts with the same credentials. You are not required to run the utility on each system separately.

Use the following command to run the utility to encrypt the username and/or password. If you want to encrypt both the username and password, run the utility twice separately.

You need root privileges to run string-util. If the username or password contains special characters (e.g., @, :, $), they need to be URL-encoded prior to using the utility.

• To encrypt the user name (use double quotes).
  /string-util "<user name_to_be_encrypted>"
  
  For example,
  ./string-util "sys_account"
• To encrypt the password (use double quotes):
  ./string-util "<password_to_be_encrypted>"

The utility returns the username or password in encoded format.

For example,

sRpSHQP582a1+gaJwHOm3g==

Provide the encrypted username and password to your proxy environment variable.

qualys_https_proxy=https://[<#encrypted_username>:<#encrypted_password>@]<host>[:<port>]

The # delimiter indicates to the Cloud Agent that the user name and password are encrypted. Not including the # indicates that the user name and password are in plain text format.

For example (only encrypting password):

qualys_https_proxy=https://sys_account:#sRpSHQP582a1+gaJwHOm3g==@proxy.myco.com:8080

For example (encrypting username and password):

qualys_https_proxy=https://#uWpsHMSY932b2+fdcH723d==:#sRpSHQP582a1+gaJwHOm3g==@proxy.myco.com:8080