Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-2146

Encrypt all passwords stored on the file system

XMLWordPrintable

    • 17
    • 23
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Problem

      Passwords are not encrypted in the following file:

      • confluence-mail.cfg.xml
      • confluence.cfg.xml
      • catalina.properties
      • server.xml
      • other files that contain password

      Suggested solution

      Resolve an encryption scheme for anything requiring security stored on the file system.

       

      Atlassian Update - 2024-05-06

      Hi everyone,

      This is mandreacchio from the Confluence DC PM team. Thank you for your interest in this suggestion.

      I'm transitioning this issue over to In Progress given we've started work on this suggestion.

      In Confluence 8.7 we rolled-out AES (128-bit) and external-secret manager (AWS Secret Manager and Hashicorp Vault) for database configuration secrets (confluence.cfg.xml). Additionally, we've enabled AES encryption (128-bit) in the user directory configuration / server.xml in Confluence 8.9.

      We'll be bringing in more files/areas under the expanded scope for AES 256-bit encryption by default, we've shared this on our public roadmap via this announcement. We hope to bring the remaining functionality to close out this request to you soon, please keep an eye here and on our release notes for further updates.

      Kind regards,

       

      Michael Andreacchio
      Confluence Data Center Product Management

            mandreacchio Michael Andreacchio
            nick@atlassian.com Nick Faiz [OLD] (Inactive)
            Votes:
            196 Vote for this issue
            Watchers:
            149 Start watching this issue

              Created:
              Updated: