-
Suggestion
-
Resolution: Unresolved
-
None
Hi,
I'm excited to share that in Confluence Server we are adding an extra layer of security. You can now encrypt the database password that is stored in confluence.cfg.xml file with one of the encryption methods provided.
You can find more information in the below docs :-
- https://confluence.atlassian.com/display/CONFEAP/Encrypt+database+password
- https://confluence.atlassian.com/display/CONFEAP/Basic+encryption
- https://confluence.atlassian.com/display/CONFEAP/Advanced+encryption
- https://confluence.atlassian.com/display/CONFEAP/Custom+encryption
This is really the same underlying issue as BSERV-10043, but applies to Confluence (as it should to all database passwords stored at rest for other Atlassian applications).
We are following Jira and Bitbucket’s lead on this for the sake of a consistent admin experience. In Bitbucket It's an opt-in feature that requires an admin to make a choice about what type of Cipher, etc. their installation uses. But there is no specific instructions for Azure based installations.
Hence, suggestions needed here for Azure based installations might get encryption enabled?
- follows
-
CONFSERVER-60073 Password for database inside Confluence.cfg.xml is not encrypted
- Closed