Encrypting the Web Console password in ActiveMQ

Question

I have to get rid of the clear text password in ActiveMQ server in the jetty-realm.properties file as part of the security requirements of our project.

I followed the procedure for encrypting passwords found here: https://activemq.apache.org/encrypted-passwords.html. In Jetty-real.properties I replaced plain password with ${activemq.password}

But I could not login into the web console (http://localhost:8161/admin)

Are there additional config parameters I need to change? Any help would be greatly appreciated.

Answer 1

A very important note: the sequence of data specified by you should be as follows:

org.eclipse.jetty.util.security.Password [username] password

Also note that in some shells (like default on Ubuntu 20.04) the dollar sign inside the password will effectively truncate your password to the part preceding the dollar sign.

(I meant to put a comment to the answer by @dorin.canepa, but clicked on a wrong button and now it's an answer, oh well)

Answer 2

For ecrypt password we can use jetty utility. This can be downloaded from http://download.eclipse.org/jetty/.

use:

java -cp lib/jetty-util-$JETTY_VERSION.jar org.eclipse.jetty.util.security.Password admin admin

admin
OBF:1u2a1toa1w8v1tok1u30
MD5:21232f297a57a5a743894a0e4a801fc3
CRYPT:adpexzg3FUZAk

Add in bus\conf\jetty.xml\jetty-realm.properties

admin: MD5:21232f297a57a5a743894a0e4a801fc3, admin