GoCD version 19.4 uses AES, To encrypt password Go use the POST /go/api/admin/encrypt, but how the encryption key is secured and where is it stored?

[Venkatesa Kumar]

We are suggesting one of the client to use GoCD for Continuous Delivery instead of Jenkins, During security discussion above question is related question.

GoCD version 19.4 uses AES, To encrypt password Go use the POST /go/api/admin/encrypt, but  how the encryption key is secured and where is it stored?

[Ketan Padegaonkar]

The cipher is stored in the file cipher.aes in the config directory. As for security, we make sure that the config directory and file is only readable by the gocd server.

- Ketan

On Thu, Nov 28, 2019 at 8:03 PM Venkatesa Kumar <gvku...@gmail.com> wrote:

We are suggesting one of the client to use GoCD for Continuous Delivery instead of Jenkins, During security discussion above question is related question.

GoCD version 19.4 uses AES, To encrypt password Go use the POST /go/api/admin/encrypt, but  how the encryption key is secured and where is it stored?

--
You received this message because you are subscribed to the Google Groups "go-cd" group.
To unsubscribe from this group and stop receiving emails from it, send an email to go-cd+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/go-cd/50db812d-ebac-442c-b9c2-77bcdd935352%40googlegroups.com.

[Venkatesa Kumar]

Thanks ketan

To view this discussion on the web visit https://groups.google.com/d/msgid/go-cd/CAMUPJd5ac-X0653E7pEM9tAvD39b7QYaJ-NG7K-Bga83v0F1jQ%40mail.gmail.com.