Suggestion
Resolution: Unresolved
Problem
Passwords are not encrypted in the following files:
- confluence-mail.cfg.xml
- confluence.cfg.xml
- catalina.properties
- server.xml
- other files that contain passwords
Suggested solution
Resolve an encryption scheme for anything requiring security stored on the file system.
Hi everyone,
This is mandreacchio from the Confluence DC PM team. Thank you for your interest in this suggestion.
I'm transitioning this issue over to In Progress given we've started work on this suggestion.
In Confluence 8.7 we rolled out AES (128-bit) and external secret manager (AWS Secrets Manager and HashiCorp Vault) for database configuration secrets (confluence.cfg.xml). Additionally, we've enabled AES encryption (128-bit) in the user directory configuration / server.xml in Confluence 8.9.
We'll be bringing in more files/areas under the expanded scope for AES 256-bit encryption by default; we've shared this on our public roadmap via this announcement. We hope to bring the remaining functionality to close out this request to you soon; please keep an eye here and on our release notes for further updates.
Kind regards,
Michael Andreacchio
Confluence Data Center Product Management
- is duplicated by
-
CONFSERVER-8547 Encrypt all passwords stored on the file system
- Closed
-
CONFSERVER-57946 Encrypt all passwords stored on the file system
- Closed
-
CONFSERVER-60073 Password for database inside Confluence.cfg.xml is not encrypted
- Closed
- is related to
-
JRASERVER-31004 Encrypt database password in dbconfig.xml
- Closed
- relates to
-
CONFSERVER-31605 LDAP and Active Directory credentials are stored in plain text in database
- Closed
-
CONFSERVER-7440 kerberos authentication support in Confluence for LDAP
- Closed
-
CWD-4071 Encrypt Database Password in crowd.cfg.xml or use integrated authentication
- Closed
-
CONFCLOUD-2146 Encrypt all passwords stored on the file system
- Gathering Interest
-
CONFSERVER-11496 Advanced password management
- Gathering Interest
-
CONFSERVER-60024 Automatic password rotation for AWS Secrets Manager
- Gathering Interest
-
CONFSERVER-78567 Ability to Encrypt or obfuscate the plain text password in server.xml
- Gathering Interest
-
CONFSERVER-29534 Passwords of configured SMTP mail accounts are stored in cleartext
- Under Consideration
-
ANTM-638 Loading...
-
JOT-56 Loading...
- is action for
-
VULN-359557 Loading...