Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-16918

nuxeo.conf password encryption

    XMLWordPrintable

    Details

    • Tags:
    • Impact type:
      API change, Configuration Change
    • Upgrade notes:
      Hide

      Upgrade to commons-cli:commons-cli:1.3.1
      Upgrade to org.freemarker:freemarker:2.3.23

      It is now possible to encrypt the sensitive configuration data stored in nuxeo.conf.
      New nuxeoctl commands: encrypt, decrypt, config.
      New configuration parameters: server.crypt.secretkey, server.crypt.keystore.path, server.crypt.keystore.pass, server.crypt.keyalias

      Show
      Upgrade to commons-cli:commons-cli:1.3.1 Upgrade to org.freemarker:freemarker:2.3.23 It is now possible to encrypt the sensitive configuration data stored in nuxeo.conf. New nuxeoctl commands: encrypt, decrypt, config. New configuration parameters: server.crypt.secretkey, server.crypt.keystore.path, server.crypt.keystore.pass, server.crypt.keyalias
    • Sprint:
      DevOps Sprint 10

      Description

      Sensitive configuration data can be encrypted to avoid clear data in the configuration files, especially nuxeo.conf.
      New commands usage:

      nuxeoctl encrypt [--encrypt <algorithm>] [<clearValue>..] [-d [<categories>]|-q]
    Output encrypted value for <clearValue>.
    If <clearValue> is not provided, it is read from stdin.
 
nuxeoctl decrypt '<cryptedValue>'.. [-d [<categories>]|-q]
    Output decrypted value for <cryptedValue>. The secret key is read from stdin.
 
nuxeoctl config [--encrypt [<algorithm>]] [--set [<template>]] [<key> <value>].. <key> [<value>] [-d [<categories>]|-q]
    Set template or global parameters.
    If <value> is not provided and the --set 'option' is used, then the value is read from stdin.
 
nuxeoctl config [--get] <key>.. [-d [<categories>]|-q]
    Get value for the given key(s).
 
nuxeoctl config [--get-regexp] <regexp>.. [-d [<categories>]|-q]
    Get value for the keys matching the given regular expression(s).

      See "nuxeoctl help" and online documentation: ADMINDOC/nuxeoctl and Control Panel Usage and ADMINDOC/Sensitive Configuration Data Encryption.

        Attachments

          Issue Links

          depends on

          Clean up - NXP-18662 Use Properties.setProperty(String, String)

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Reopened
          is related to

          Bug - A problem which impairs or prevents the functions of the product. NXP-24884 Email notification service must support encrypted parameters

          • Major - Major loss of function.
          • Resolved
          is required by

          Bug - A problem which impairs or prevents the functions of the product. NXP-17775 nuxeoctl gui start doesn't start the server

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: