You can view the contents of the Cloud Foundation configuration backup file by downloading the file from the dedicated SFTP server to a local directory, then decompressing and decrypting the contents.

  • Verify that you have updated your local JRE with the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.

    Because the backup file uses 256-bit AES encryption, you must have the JCE policy files installed in your local JRE installation to decrypt them. You can download the JCE policy files from

    After you download them, add the JCE policy files to your local JRE security folder (JDK_HOME/jre/lib/security). This requires overwriting the existing files in the security folder.


  1. Copy the backup file (SDDCManager-Config_timestamp.tar.gz) from its location on the SFTP server to a local directory.
  2. Decompress the SDDCManager-Config_timestamp.tar.gz.tar.gz file.

    The decompressed tar file contains the decrypt-util.jar utility and three encrypted JSON files:

    • credentials-timestamp.json

    • host-info-timestamp.json

    • vcf-bundle-version-timestamp.json

  3. Run the decrypt-util.jar utility to decrypt the encrypted files.
    [Local Directory]\SDDCManager-Config_timestamp.tar\SDDCManager-Config_timestamp> \
         java -jar decrypt-util.jar

    The CLI displays the contents of the tar file and prompts you to proceed. For example:

    The following encrypted files are available in the current directory
    1 - credentials-timestamp.json
    2 - host-info-timestamp.json
    3 - vcf-bundle-version-timestamp.json
  4. Enter Y to proceed.
  5. When prompted, enter the password that was specified when the backup was configured.
    Enter Pass Phrase ( must match the one entered during backup configuration ):

    The files are decrypted and copied to a new subdirectory with the same name as the original tar file, for example SDDCManager-Config_timestamp.

    A decrypted file with extension (.txt) is generated for each of the encrypted JSON files (.json) in the same folder. The contents of the decrypted files are written in JSON format and it is recommended you view them using a JSON editor.