Update instructions on how to set up a dynamic encrypted password (ne…

…o4j#1593)
NataliaIvakina · May 3, 2024 · 4ade203 · 4ade203
1 parent 0d9ba4e
commit 4ade203
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/modules/ROOT/pages/security/ssl-framework.adoc b/modules/ROOT/pages/security/ssl-framework.adoc
@@ -997,7 +997,7 @@ If hardcoding of clear text private key password is not feasible due to security
 ----
 echo "password123" > passwordfile
 
-openssl aes-256-cbc -a -salt -in passwordfile -out password.enc -pass file:certificate.crt
+base64 -w 0 certificate.crt | openssl aes-256-cbc -a -salt -in passwordfile -out password.enc -pass stdin
 ----
 +
 [NOTE]
@@ -1009,15 +1009,15 @@ Delete the password file and set file permissions for `password.enc` to `400` (e
 +
 [source]
 ----
-openssl aes-256-cbc -a -d -in password.enc -pass file:certificate.crt
+base64 -w 0 certificate.crt | openssl aes-256-cbc -a -d -in password.enc -pass stdin
 ----
 
 . Set the neo4j.conf `dbms.ssl.policy.<type>.private_key_password` to be able to read out encrypted password.
 To adjust paths to cert and encrypted password file, use full paths:
 +
 [source]
 ----
-dbms.ssl.policy.bolt.private_key_password=$(openssl aes-256-cbc -a -d -in password.enc -pass file:certificate.crt)
+dbms.ssl.policy.bolt.private_key_password=$(base64 -w 0 certificate.crt | openssl aes-256-cbc -a -d -in password.enc -pass stdin)
 ----
 
 [NOTE]