1

We have a dropwizard microservice which accesses a MySQL database. We currently stored encrypted credentials for database access in a configuration file (env.properties) so that it can be changed at deploy time by an ansible script per environment.

The encryption key is something we need to decrypt the credentials, and there is some debate about how to store it. Some options:

  • Store the key in the config file. The key is environment specific as well, and because we are deploying the code with ansible, the credentials and keys will not be stored in the microservice repository. The downside here is that the encrypted password is stored in the same file as the key to decrypt it.
  • Store the key in a startup script, which loads the value into environment variables. Ops didn't like this because they would have to manage two files. currently they only want to manage a single environment properties file. This is understandable because we have enough issues managing the one file, as it is.

What is the best practice for managing this decryption key?

MedicineMan
  • 15,008
  • 32
  • 101
  • 146
  • Well, you could use [jasypt](http://stackoverflow.com/a/10307724/1361506). – azurefrog Apr 11 '17 at 18:26
  • There is third-party module doing similar thing: https://github.com/palantir/encrypted-config-value Their approach is a little different: you create a separate key file somewhere. Then encrypt some of the values with this key file. Replace the original values with the encrypted ones in the configuration file. They seem to support RSA key pairs - public and private keys. – zloster Apr 11 '17 at 21:13
  • Why do you cipher the credentials on the conf file ? We use credstash and ansible. The buildbot has the key to decrypt and he puts the correct value on the conf file. No dev can see the value. – Ôrel Apr 12 '17 at 18:00

0 Answers0