Credentials files are created and validated using the CUTILITY programLWCCOM utility. Refer to CUTILITY LWCCOM for more information. You can create as many credentials files as necessary, since different Web services may require different credentials.
This example stores the userid 'myuserid' and password 'mypassword' in the encrypted credentials file "mylogin", then supplies the credentials filename with the -httpauth command line parameter when starting SOAPAMCP.
tacl> run cutilitylwccom --create-cf credentials mylogin !, credentials myuserid:mypassword CREDENTIALS file $VOL.SUBVOL.MYLOGIN created tacl> run client / name $cli / -http-credentials +mylogin @otheropts
The second This example stores the pass phrase in the encrypted credentials file "certpass". Since the pass phrase argument credentials parameter was not specified as '?', CUTILITY LWCCOM prompts the user for the information, but does not echo itcredentials without echoing them to the terminal.
tacl> run cutilitylwccom --create-cf certpass ?create credentials certpass ! Enter credentials: Re-enter credentials: CREDENTIALS file $VOL.SUBVOL.CERTPASS created tacl> run client / name $cli / -client-cert mycert +certpass @otheropts
Note that the credentials file is location dependent, i.e., if the file is moved or renamed, the credentials cannot be decrypted. This feature is designed to disable the credentials in case the file is stolen or otherwise used inappropriately. You can specify an alternate target location for the credentials file if the file is to be created in one location but moved to another location for deployement. This example creates a credentials file on the current volume for eventual deployment on the $SYSTEM volume.
tacl> run lwccom create credentials mylogin !, credentials myuserid:mypassword, target $system.deploy.mylogin CREDENTIALS file $VOL.SUBVOL.MYLOGIN created
Even though credentials become invalid when moved, system administrators should still use Guardian security to prevent unauthorized access to the contents of the file.
This example verifies the contents of the credentials file and that it is located in the correct subvolume.
tacl> run cutility --check-cf certpass lwccom validate credentials mylogin CREDENTIALS file $VOL.SUBVOL.MYLOGIN is valid