Secret Master Key Management

Ticketing Systems

The Secret Master Key for the Veracode Integration for CA Agile Central is a password used to encrypt your Veracode secret key and CA Agile Central API key in the veracode2agilecentral_config.xml configuration file. You can configure this password to customize and enhance the encryption.

The first time the integration executes, it creates a key.properties file in your root folder that contains the default Secret Master Key. Because the default key is generated with a secure randomizer, it is not necessary to update it. However, if using the default key does not meet the security standards of your organization, you are able to update the Secret Master Key or generate a custom key instead of the randomly-generated key. Veracode also recommends that you limit the permissions on the file containing the key.