Some links on encrypting configuration files or sections
Posted by jpluimers on 2018/10/18
All encryption comes down to a combination of key management and tooling.
With more and more communication projects going on, encryption of the secrets (passwords, API keys, etc) in configuration files, especially the ones that might end up in (sometimes public) repositories will need my attention some day.
My gut feeling is that an asymmetric solution might work best for these kinds of problems.
Here are some links:
- [WayBack] How to securely store API keys – DEV Community 👩💻👨💻
- [WayBack] Rails 5.2 credentials – cedarcode – Medium
- [WayBack] The best way to store secrets in your app is not to store secrets in your app
- via [WayBack] Where is the right place to store db passwords, api keys, etc? What is best prac… | Hacker News:
- [WayBack] GitHub – StackExchange/blackbox: Safely store secrets in Git/Mercurial/Subversion
- [WayBack] Introduction – Vault by HashiCorp (which has key expiration)
- [WayBack] Matthew D Fuller – Blog: Using IAM Roles and S3 to Securely Load Application Credentials
- [WayBack] Keywhiz A file-based secret management and distribution system
- [WayBack] Windows Data Protection
- [WayBack] The Twelve-Factor App A methodology for building modern, scalable, maintainable software-as-a-service apps.
- [WayBack] Encrypting Secret Data at Rest – Kubernetes
- [WayBack] ASP.NET IIS Registration Tool (Aspnet_regiis.exe)
- [WayBack] Encrypting and Decrypting Configuration Sections
- It can do asymmetric encryption as explained at [WayBack] Encrypting Credentials in App.config for Multiple Machines | My Web Anecdotes
–jeroen
The Wiert Corner - irregular stream of stuff 
Leave a Reply