Update instructions on how to set up a dynamic encrypted password (#1593) (#1597)

NataliaIvakina · web-flow · commit 8f4aa67d9a27 · 2024-05-03T09:54:42.000+02:00
diff --git a/modules/ROOT/pages/security/ssl-framework.adoc b/modules/ROOT/pages/security/ssl-framework.adoc
@@ -910,7 +910,7 @@ If hardcoding of clear text private key password is not feasible due to security
 ----
 echo "password123" > passwordfile
 
-openssl aes-256-cbc -a -salt -in passwordfile -out password.enc -pass file:certificate.crt
+base64 -w 0 certificate.crt | openssl aes-256-cbc -a -salt -in passwordfile -out password.enc -pass stdin
 ----
 +
 [NOTE]
@@ -922,15 +922,15 @@ Delete the password file and set file permissions for `password.enc` to `400` (e
 +
 [source]
 ----
-openssl aes-256-cbc -a -d -in password.enc -pass file:certificate.crt
+base64 -w 0 certificate.crt | openssl aes-256-cbc -a -d -in password.enc -pass stdin
 ----
 
 . Set the neo4j.conf `dbms.ssl.policy.<type>.private_key_password` to be able to read out encrypted password.
 To adjust paths to cert and encrypted password file, use full paths:
 +
 [source]
 ----
-dbms.ssl.policy.bolt.private_key_password=$(openssl aes-256-cbc -a -d -in password.enc -pass file:certificate.crt)
+dbms.ssl.policy.bolt.private_key_password=$(base64 -w 0 certificate.crt | openssl aes-256-cbc -a -d -in password.enc -pass stdin)
 ----
 
 [NOTE]
