Encrypt a password from RSA key (fglpass)

This task shows how to encrypt a password with an RSA key using the fglpass tool.

The fglpass tool can encrypt a password using an RSA key or certificate, and then encode it in BASE64 form. This allows you to add a protected password in the FGLPROFILE file for future use by any BDL application.
Tip:

You can also use xml.Encryption.RSAEncrypt to encrypt a plaintext password to BASE64 from within your Genero program (so you do not need to run fglpass -e or other external tools); go to Encrypting with an RSA key (xml.Encryption.RSAEncrypt) for usage and examples.

  1. To encrypt a password from a RSA key and encoded in BASE64, enter:
    fglpass -e -k myprivatekey.pem
    When encrypting a password, you can either supply the certificate with the -c option (fglpass -e -c) or provide the private key using the -k option.
    Note:

    The private key file also contains (or allows derivation of) the corresponding public key, so when you supply the private key the public portion is extracted and used to encrypt the password; the private key is required later to decrypt it.

  2. You are prompted to enter the password you want to encrypt.

    Enter password :hello
    The fglpass tool outputs the BASE64 form of the encrypted password on the console.
    BASE64 BEGIN
Pzk/fNRhetdJDZz5kjNg7P0XET4XsW6bys/fi0DvugxRPh9d/s41oAws65
JY0EPb2zytQjxZ/dwaaRzJPYoQmA==
BASE64 END
    The BASE64 encrypted password is the string between the BASE64 BEGIN and BASE64 END.

  3. For details on storing the encrypted password in fglprofile, go to Encrypt a HTTP authenticate password for FGLPROFILE.