The passphrase tomcat uses to decrypt the key to decrypt the data received, where is that passphrase referenced? Is it within the main capamef.war?
Release : 3.3
Component : PRIVILEGED ACCESS MANAGEMENT
capamef.war when it receives the encrypted payload it will retrieve the encryption key by reading and decrypting the extension.encryption.pwd defined in the "extension_framework.properties" file and uses it to access the extension.keystore.file to obtain the PAM "Encryption Key".
This PAM "Encryption Key" is the one generated at the PAM GUI (Configuration - Custom Connectors) so it can decrypt any data encrypted and sent by PAM.