To securely store the OAuth1 credentials, the client secret can be encrypted on the database (MySQL).

Notes:

  • Enabling the encryption requires a restart of ePagesJ

  • Once the encryption with a specific key has been enabled, it is currently not possible to change to a different secret key or migrate back to an unencrypted system (not implemented yet).

Create Configuration File

Create file $EPAGESJ_CONFIG/application-secret-key.conf and set secret.key (1234567890abcdef may vary):

cd $EPAGESJ_CONFIG
cp -p application-secret-key.sample.conf application-secret-key.conf
sed -ri 's,(secret.key)=,\1=1234567890abcdef,' application-secret-key.conf
Note
The secret key (e.g. 1234567890abcdef) must be exactly 16 characters long.

Restart ePagesJ

Restart ePagesJ instances with the new secret key:

/etc/init.d/epagesj restart

Encrypt the Data

Connect to the ePagesJ console

Connect to the ePagesJ console and start the migration using the provided secret key (epagesj.host.name may vary):

ssh -p 2000 -l admin epagesj.host.name

Login into the ePagesJ Console

Login with the password of user admin. User and password can be set in section [Console] of $EPAGES_CONFIG/epagesj.conf. Find your password in epagesj.conf:

/var/epages/ini-config.sh -f $EPAGES_CONFIG/epagesj.conf -s Console -k password -G

If no password is set then use the default password admin.

Encrypt the OAuth1 Credentials

After the login, issue the following command to encrypt the OAuth1 credentials:

oauth1 encrypt

Example Session

ssh -p 2000 -l admin localhost
Password authentication
Password:
Welcome to yourhostname.local + !
It is Wed Oct 21 16:40:53 CEST 2015 now
% oauth1 encrypt
encrypted records: 42