CA Strong authentication provides a utility called DBUTIL to update the password associated with DSN (Data Source Name) and DB password in securestore.enc, which is an encrypted file that is used while connecting to the back end Database.
This document highlights the fact that on a Linux/Unix system when using special characters in the DB / DSN password the command to update the DB password - DBUtil -pu <DB username> <DB password> - may fail like shown below with "Error: unrecognized extra argument"
======================= Example ============================
[[email protected] tools]# ./DBUtil -pu arcotdsn aaaa!234
DBUtil -init <encryptKeyName>
DBUtil -pi <key> <value> [-h HSMPin [-d HSMModule]]
DBUtil -pu <key> <value> [-h HSMPin [-d HSMModule]]
DBUtil -pd <key> [-h HSMPin [-d HSMModule]]
DBUtil -i <primeKey> <HSMPin>
DBUtil -u <primeKey> <HSMPin>
DBUtil -d <primeKey>
-init: create a new securestore.enc file
-pi, -pu, -pd: insert, update, delete a name,value pair
-i, -u, -d: insert, update, delete a primary name,value pair
(primary entries are used during server startup
to provide HSM initialization info)
-h HSMPin: required if securestore.enc is protected by HSM crypto
(using "prompt" (without quotes) as HSMPin allows
you to supply PIN seperately in masked form)
-d HSMModule: optional when -h is present. Defaults to "nfast" (NCipher)
Note: for backward compatibility, if <key> is "NCipher",
-pi, -pu, -pd are interpreted as -i, -u, -d respectively
Error: unrecognized extra argument
[[email protected] bin]#
===================================== End of Example =================
DBUtility usage on a Linux/Unix system
CA Strong Authentication / Ca Risk Authentication system.
When on a Unix/Linux system use the following format to update DSN/DB Password.
1. For DSN password update --- ./dbutil -pi yourDSNname 'YourDSNPasswordinSingleQuotes'
2. For DB password update --- ./dbutil -pi yourDBuserName 'YourDBPasswordinSingleQuotes'
**** Essentially the password containing special characters should be enclosed in single quotes ***
1. For usage of DBUTIL utility refer to the following link
2. This article only applies the usage of DBUtil utility on a Linux system prompt. During Installation (via provided installers) and Upgrade procedures the password should be provided "as is"