WildFly Elytron Tool, Vault command summary contains MASKed password without --iteration and --salt when is used MASKed password for access to VAULT. ----------------------------------------------------------------------------------------------------------------------------------------------------- Key: ELY-1126 URL: https://issues.jboss.org/browse/ELY-1126 Project: WildFly Elytron Issue Type: Bug Components: Credential Store Reporter: Hynek Švábek Assignee: Darran Lofthouse Vault command summary contains MASKed password without --iteration and --salt when is used MASKed password for access to VAULT. MASKed password must contain SALT and ITERATION as is expected: *credential-reference=\{clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5;12345678;34"\}* FYI: plain text password is "secretsecret". *How to reproduce* Download all attachments to same location as *wildfly-elytron-tool.jar* and run this command: {code} [hsvabek@dhcp-10-40-5-100 003]$ java -jar wildfly-elytron-tool.jar vault --enc-dir . --keystore server.store --keystore-password MASK-2hKo56F1a3jYGnJwhPmiF5 --salt 12345678 --iteration 34 --location converted001.store --alias jboss --summary Vault (enc-dir=".";keystore="server.store") converted to credential store "converted001.store" Vault Conversion summary: -------------------------------------- Vault Conversion Successful CLI command to add new credential store: /subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,location="converted001.store",implementation-properties={},credential-reference={clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5"}) {code} Credential reference contains MASKed password without salt and iteration (credential-reference={clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5"})