Introduction
After adding the database connection details to the system.yaml file:
shared: database: type: postgresql driver: org.postgresql.Driver url: jdbc:postgresql://<your db url, for example: localhost:5432>/artifactory username: artifactory password: asdfEDv
The password field will be encrypted in the following format after Artifactory starts up:
shared: database: type: postgresql driver: org.postgresql.Driver url: jdbc:postgresql://<your db url, for example: localhost:5432>/artifactory username: artifactory password: 25729e.aesgcm128.u77sFsQXrlus974TAN8IeUNyXRxILgXwalop9RXY9QjVOm8
This consists of:
- Prefix (e.g. 25729e)
- Encryption method (e.g. aesgcm128)
- Base64-encoded data (e.g. u77sFsQXrlus974TAN8IeUNyXRxILgXwalop9RXY9QjVOm8)
Following the instructions in this KB article, you can decrypt this database password. However, in some cases, it may not simply decrypt the password and you may encounter the following error when running the decryption command:
jfrog support decrypt <encrypted-password> <master.key>
Example:
jfrog support decrypt 25729e.aesgcm128.u77sFsQXrlus974TAN8IeUNyXRxILgXwalop9RXY9QjVOm8 7ca3c86e52389a5a62fbb6ae01b5458c [Error] could not decrypt exit status 1
In this case, go through the steps below to resolve the problem.
Resolution
1. A Base64 encoded string must have a length that is a multiple of 4 characters. Let's consider the following Base64 data string as an example:
u77sFsQXrlus974TAN8IeUNyXRxILgXwalop9RXY9QjVOm8
2. To check the length of this string, you can run the following command:
echo -n 'u77sFsQXrlus974TAN8IeUNyXRxILgXwalop9RXY9QjVOm8' | wc -m
Output:
47
As seen, the string length is 47 characters, which is not a multiple of 4.
3. To resolve this issue, you can add padding characters (==), which are used to ensure the Base64 encoded string's length meets the specification requirement of being a multiple of 4 characters. Here's how you run the updated command:
3. To resolve this issue, you can add padding characters (==), which are used to ensure the Base64 encoded string's length meets the specification requirement of being a multiple of 4 characters. Here's how you run the updated command:
jfrog support decrypt 25729e.aesgcm128.u77sFsQXrlus974TAN8IeUNyXRxILgXwalop9RXY9QjVOm8== 7ca3c86e52389a5a62fbb6ae01b5458c
The decrypted password will be:
asdfEDv