Proxy Configuration Encryption Utility
You can use the Proxy Configuration Encryption utility to encrypt the user name and/or password (as needed) that you provide to the proxy environment variable qualys_https_proxy
or https_proxy
.
The string-util utility is included in the Cloud Agent installation package. Install or extract the Cloud Agent installation package to get the utility.
The string-util utility is to be used once on any system where it's installed to encrypt the values that will be used on all systems running Cloud Agent that have the same credentials. It is not required to run the utility on each system running Cloud Agent.
Perform the following steps to use encryption utility:
- Go to
/usr/local/qualys/cloud-agent/bin
, and then export theLD_LIBRARY_PATH
variable to/usr/local/qualys/cloud-agent/lib
.
export LD_LIBRARY_PATH=/usr/local/qualys/cloud-agent/lib
- Use the following command to run the utility to encrypt the user name and/or password. If you want to encrypt both, run the utility twice to separately encrypt the user name and password.
You need root privileges to run string-util. If the user name or password contain special characters (e.g., @, :, $) they need to be URL-encoded prior to using the utility.
To encrypt the user name (use double quotes):
./string-util "<user name_to_be_encrypted>"
For example,
./string-util "sys_account"
To encrypt the password (use double quotes):
./string-util "<password_to_be_encrypted>"
- The utility returns the user name or password in encoded format.
For example,sRpSHQP582a1+gaJwHOm3g==
- Once you get the encrypted user name add/or password, remove the
LD_LIBRARY_PATH
variable by using the following command:
export LD_LIBRARY_PATH=
- Provide the encrypted user name and password to your proxy environment variable.
qualys_https_proxy=https://[<#encrypted_username>:<#encrypted_password>@]<host>[:<port>]
The # delimiter indicates to the Cloud Agent that the user name and password are encrypted. Not including the # indicates that the user name and password are in plain text format.
For example (only encrypting password):
qualys_https_proxy=https://sys_account:#sRpSHQP582a1+gaJwHOm3g==@proxy.myco.com:8080
For example (encrypting username and password):
qualys_https_proxy=https://#uWpsHMSY932b2+fdcH723d==:#sRpSHQP582a1+gaJwHOm3g==@proxy.myco.com:8080