Quarkus keycloak db-password encryption in keycloak.conf

[Senthil Kumar]

I am implementing the quarkus keycloak as identity module and one of the requirement is to encryption db-password in the keycloak.conf.

Its security risk to keep the db-password as plaintext.

 is there any custom provider for postgresql db level or quarkus extension available?

I am using windows quarkus keycloak runs as standalone service.

 

Is there any way where we can encrypt in keycloak.conf which decrypts using customer provider? Or built in module supports to do that.

 

Can you help me to understand who initializes the postgresql db connection either by quarkus module or keycloak module?