Hi,
Is it possible to $subject, for the key store that is used to encrypt the
plain text passwords? Currently AFAIU its stored in a temporary file, which
will get deleted after the carbon server started.
--
Thanks and Regards,
Isuru H.
+94 716 358 048* http://wso2.com/*
Hi,
If this file is named 'password-persist', it will not be deleted.
[1] -
http://ajithvblogs.blogspot.com/2014/01/secure-custom-properties-file-using.html
Note:~ This temp file(password-tmp) will be delete after the server
started. It implied that you have to create that file for every
Thanks Pushpalanka.
On Fri, Dec 12, 2014 at 12:44 PM, Pushpalanka Jayawardhana la...@wso2.com
wrote:
Hi,
If this file is named 'password-persist', it will not be deleted.
[1] -
http://ajithvblogs.blogspot.com/2014/01/secure-custom-properties-file-using.html
Note:~ This temp
But I wonder whether we could recommend this approach. If you get rid of
key store password, you could decrypt any encrypted password, isn't it ?
On Fri, Dec 12, 2014 at 5:21 PM, Isuru Haththotuwa isu...@wso2.com wrote:
Thanks Pushpalanka.
On Fri, Dec 12, 2014 at 12:44 PM, Pushpalanka
On Fri, Dec 12, 2014 at 12:56 PM, Nirmal Fernando nir...@wso2.com wrote:
But I wonder whether we could recommend this approach. If you get rid of
key store password, you could decrypt any encrypted password, isn't it ?
Yes, that is true. However, for a secure deployment this is acceptable
hmm.. then why we need to encrypt anything at all ?
On Fri, Dec 12, 2014 at 5:29 PM, Isuru Haththotuwa isu...@wso2.com wrote:
On Fri, Dec 12, 2014 at 12:56 PM, Nirmal Fernando nir...@wso2.com wrote:
But I wonder whether we could recommend this approach. If you get rid of
key store
On Fri, Dec 12, 2014 at 1:00 PM, Nirmal Fernando nir...@wso2.com wrote:
hmm.. then why we need to encrypt anything at all ?
Good point. AFAIS its sometimes a policy for certain environments to keep
passwords encrypted.
On Fri, Dec 12, 2014 at 5:29 PM, Isuru Haththotuwa isu...@wso2.com