Spotfire Server: It is possible to modify the password of the Spotfire Configuration Tool via update-bootstrap CLI command

Details:

At some point in the past, if the tool password of your Spotfire deployment became unknown, then in order to open the Spotfire Server Configuration Tool window or execute config commands, it was necessary to recreate the Spotfire bootstrap file.

Solution:

The currently supported versions of Spotfire allow administrators to modify the tool password via update-bootstrap command. Note, this command does not require a correct tool password to run and this is by design.

Please refer to the -t parameter described in the below published article:

https://docs.tibco.com/pub/spotfire_server/14.0.7/doc/html/TIB_sfire_server_tsas_admin_help/server/topics/update-bootstrap.html

The following example sets the new password to be 999999 : 

config update-bootstrap -u <DB_name> -p <DB_password> -t 999999

Rationale:  If you have the Spotfire Server's database credentials, you already have full access to the server configuration stored in the database. You don't even need to use any Spotfire tool to retrieve or modify the configuration. That is why it is possible to create a new bootstrap file with a new configuration tool password at any time, given that you have the database credentials. If you don't have the database credentials, then you instead have to know the configuration tool password in order to access or modify the server configuration. This way, it is possible to assume the role of a Spotfire administrator without having the database credentials.