The passphrase tomcat uses to decrypt the key to decrypt the data received, where is that passphrase referenced? Is it within the main capamef.war?

Release : 3.3

Component : PRIVILEGED ACCESS MANAGEMENT

capamef.war when it receives the encrypted payload it will retrieve the encryption key by reading and decrypting the extension.encryption.pwd defined in the "extension_framework.properties" file and uses it to access the extension.keystore.file to obtain the PAM "Encryption Key".

This PAM "Encryption Key" is the one generated at the PAM GUI (Configuration - Custom Connectors) so it can decrypt any data encrypted and sent by PAM.