Setting the encryption password for EFM

You need to set the efm.encryption.password property which specifies a master password used for encrypting sensitive data saved to the Edge Flow Manager (EFM) server.

You can set it through the efm.properties file, a command line argument, or an OS environment variable.

By default, the EFM application uses AES encryption. The encryption key used is deterministically derived from an encryption password that the admin user must provide to the application at runtime. The property that is read for the encryption password is efm.encryption.password. You can set the value for this property in following ways:
  • As a command line argument: ./bin/efm.sh --efm.encryption.password=myEfmPassword
  • As a Java System Property: -Defm.encryption.password=myEfmPassword
  • As an OS environment variable: export EFM_ENCRYPTION_PASSWORD=myEfmPassword
  • As a key/value pair in the efm.properties file: efm.encryption.password=myEfmPassword
The derived encryption key length is determined by your Java Runtime Environment encryption strength profiles.
  • Unlimited Strength Encryption active: AES 256-bit key
  • Unlimited Strength Encryption inactive: AES 128-bit key
It is strongly recommended that you enable Unlimited Strength Encryption in your Java Runtime Environment.