Changing or resetting a manifest password
This topic is not relevant if you are running LGTM Enterprise on Kubernetes.
The LGTM manifest file contains the authentication details used by the LGTM cluster machines to communicate securely. Consequently the file is encrypted. When you install LGTM Enterprise, you are prompted to enter a password for encrypting/decrypting the file. Defining a password is optional. If control of the credentials stored in the manifest is not a concern, or if the file is protected by some other means, then you do not need to enter a password.
If you choose to define a password, you need this password whenever the manifest is changed, for example, when you upgrade LGTM or deploy changes to the LGTM cluster configuration file. You can change this password or reset it at any time using the
If you lose the manifest password, it cannot be recovered and the communications secrets used by the LGTM cluster machines must be reset.
Changing or setting a manifest password
To set or change the manifest password, run the
lgtm-config-gen.jar tool with:
- Optionally, you can use the
--inputflag to define the location of the cluster configuration file for the installation. By default, the path to this file is assumed to be
../../state/lgtm-cluster-config.yml, relative to the
For example, from the
java -jar lgtm/lgtm-config-gen.jar change-password
If the manifest file is already protected by a password, you are prompted to enter the existing password. You are then asked to enter and confirm a new password.
Resetting the manifest file and password
If you have lost the password for the manifest file, then you need to reset the contents of the manifest file and the password.
- On the coordinator server, delete the
manifest.xmlfile (stored in LGTM's
- To generate a new manifest file:
- If you want to upgrade LGTM Enterprise, run the upgrade script.
- Alternatively, regenerate the files for the cluster configuration.
- During the upgrade—or the cluster configuration regeneration—you will be prompted to set a new password for the manifest file:
- To use the default password—press Enter without giving a password. You will not be prompted to give a password for future upgrades and deployments.
- Otherwise set a password.
- Deploy the upgrade—or revised configurations—on each machine in the LGTM cluster. You must deploy the configurations on all hosts in the cluster, otherwise services on those machines will not be able to communicate with each other. See Deploying an updated configuration on Linux hosts or Deploying an updated configuration on Windows hosts.