secret-config
This section lists the Corda CLI
A command line tool that supports various Corda-related tasks, including Corda Package Installer (CPI) creation and Corda cluster management.
secret-config
arguments. You can use these commands to generate the configuration for use with the configured secrets lookup service.
Argument | Description |
---|---|
--create | Encrypts a configuration value for the secrets lookup service. See create. |
--decrypt | Decrypts a value for the Corda default secrets lookup service. See decrypt. |
create
The create
argument generates the configuration string for use with the specified secrets lookup service using the following arguments:
Argument | Description |
---|---|
-p, --passphrase | The passphrase for the default secrets lookup service. This must be the same value in the deployment configuration. |
-s, --salt | The salt for the default secrets lookup service. This must be the same value in the deployment configuration. |
-t, --type | The secrets lookup service type. This can be one of the following: |
-v, --vault-path | The path in the HashiCorp Vault that stores the configuration value. |
<value> | The configuration value to encrypt for the default secrets lookup service or the key of the secret for the HashiCorp Vault. |
For example, to generate the configuration to use to specify a value encrypted using the default Corda secrets service:
./corda-cli.sh secret-config -t corda -p "red yellow green" -s f1nd1ngn3m0 mypassword create
./corda-cli.cmd secret-config -t corda -p "red yellow green" -s f1nd1ngn3m0 mypassword create
For example, to generate the configuration to use to specify a value stored in a HashiCorp Vault:
./corda-cli.sh secret-config -v myPath -t vault passwordKey create
./corda-cli.cmd secret-config -v myPath -t vault passwordKey create
decrypt
The decrypt
argument decrypts a value encrypted by the Corda default secrets lookup service.
Argument | Description |
---|---|
-p, --passphrase | The passphrase for the default secrets lookup service. This must be the same value in the deployment configuration. |
-s, --salt | The salt for the default secrets lookup service. This must be the same value in the deployment configuration. |
<value> | The configuration value to decrypt using the default secrets lookup. |
For example:
./corda-cli.sh secret-config -p "red yellow green" -s f1nd1ngn3m0 QuPOUSHXrnC8gJWgKdGq6Pgb45S9RPatPUCHTI9SuEgBiKfDQ2M= decrypt
./corda-cli.cmd secret-config -p "red yellow green" -s f1nd1ngn3m0 QuPOUSHXrnC8gJWgKdGq6Pgb45S9RPatPUCHTI9SuEgBiKfDQ2M= decrypt
Was this page helpful?
Thanks for your feedback!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.
We're sorry this page wasn't helpful. Let us know how we can make it better!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Create an issue
Create a new GitHub issue in this repository - submit technical feedback, draw attention to a potential documentation bug, or share ideas for improvement and general feedback.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.