Encrypt a HTTP authenticate password using a certificate in the Windows key store

Use the fglpass tool to encrypt a password to store in the Windows® key store.

  1. Find the HTTP authenticate entry with the password you want to encrypt:
    authenticate.myentry.login    = "mylogin"
    authenticate.myentry.password = "mypassword"
  2. Add the subject of the certificate registered in the Windows key store:

    security.mykey.subject = "Georges"
  3. Encrypt the password with fglpass:
    $ fglpass -c Georges
    Enter password :mypassword
    The fglpass output looks like this:
    BASE64 BEGIN
    dBy3E5JCVxuoxsR+aOBVfp1j0SwQPt+hdjpMKriWvO2xMd5rFnFEwv+sPPd4w
    /onWviG0M5mqubBeS7QUlt/ZK0D1aO9/R5RVa5wylQu//6vxfyd8NG/
    SFJmlVH63kuyXfiVfq6bHo5+nlQZpVjSHfF2msET3S9HTpZUt4NblP4=
    BASE64 END
    Note: The encrypted password corresponds to the string of alphanumeric characters between BASE64 BEGIN and BASE64 END. The long line of text is wrapped for display purposes only.
  4. Replace the clear password with the encrypted one, and specify the key used to encrypt it (mykey in our example):
    authenticate.myentry.login          = "mylogin"
    authenticate.myentry.password.mykey = "dBy3E5JCVxuoxsR+
    aOBVfp1j0SwQPt+hdjpMKriWvO2xMd5rFnFEwv+sPPd4w
    /onWviG0M5mqubBeS7QUlt/ZK0D1aO9/R5RVa5wylQu//6vxfyd8NG/
    SFJmlVH63kuyXfiVfq6bHo5+nlQZpVjSHfF2msET3S9HTpZUt4NblP4="
    Note: Do not forget to put quotes around the base64 form; otherwise the '=' character is interpreted. The long line of text is wrapped for display purposes only.