Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-2146

Encrypt all passwords stored on the file system

XMLWordPrintable

    • 17
    • 23
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Problem

      Passwords are not encrypted in the following file:

      • confluence-mail.cfg.xml
      • confluence.cfg.xml
      • catalina.properties
      • server.xml
      • other files that contain password

      Suggested solution

      Resolve an encryption scheme for anything requiring security stored on the file system.

       

      Atlassian Update - 2024-10-08

      Hi everyone,

      Thanks for your interest in this suggestion. I'm pleased to let you know that we have released default password encryption for Confluence in version 9.1.

      Further information on this can be found in our release notes, and here.

      Kind regards,

      Michael Andreacchio
      Confluence Data Center Product Management

          Form Name

            [CONFSERVER-2146] Encrypt all passwords stored on the file system

            Edward made changes -
            Remote Link New: This issue links to "DCCLIP-1115 (JIRA Server (Bulldog))" [ 980268 ]
            Michael Andreacchio made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 966112 ]
            Harippriya Sivapatham made changes -
            Remote Link Original: This issue links to "Page (Confluence)" [ 956194 ]
            Harippriya Sivapatham made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 956194 ]
            Michael Andreacchio made changes -
            Description Original: h2. Problem

            Passwords are not encrypted in the following file:
             * confluence-mail.cfg.xml
             * confluence.cfg.xml
             * catalina.properties
             * server.xml
             * other files that contain password

            h2. Suggested solution

            Resolve an encryption scheme for anything requiring security stored on the file system.

             
            {panel:title=Atlassian Update - 2024-05-06|borderStyle=solid|borderColor=#6554c0|titleBGColor=#6554c0|bgColor=#eae6ff}
            Hi everyone,

            This is [~mandreacchio] from the Confluence DC PM team. Thank you for your interest in this suggestion.

            I'm transitioning this issue over to In Progress given we've started work on this suggestion.

            In Confluence 8.7 we rolled-out AES (128-bit) and external-secret manager (AWS Secret Manager and Hashicorp Vault) for database configuration secrets (confluence.cfg.xml). Additionally, we've enabled AES encryption (128-bit) in the user directory configuration / server.xml in Confluence 8.9.

            We'll be bringing in more files/areas under the expanded scope for AES 256-bit _encryption by default,_ [we've shared this on our public roadmap via this announcement.|https://www.atlassian.com/wac/roadmap/data-center/Secret-Manager-integration-mail-server?p=57ff5d7a-10] We hope to bring the remaining functionality to close out this request to you soon, please keep an eye here and on our release notes for further updates.

            Kind regards,

             

            Michael Andreacchio
            Confluence Data Center Product Management
            {panel}             		New: h2. Problem

            Passwords are not encrypted in the following file:
             * confluence-mail.cfg.xml
             * confluence.cfg.xml
             * catalina.properties
             * server.xml
             * other files that contain password

            h2. Suggested solution

            Resolve an encryption scheme for anything requiring security stored on the file system.

             
            {panel:title=Atlassian Update - 2024-10-08|borderStyle=solid|borderColor=#6554c0|titleBGColor=#6554c0|bgColor=#eae6ff}
            Hi everyone,

            Thanks for your interest in this suggestion. I'm pleased to let you know that we have released default password encryption for Confluence in version 9.1.

            Further information on this can be found in [our release notes|https://confluence.atlassian.com/doc/confluence-9-1-release-notes-1431966396.html?atl_token=c965cffff3c45839e64a043fd312c85e30d741e8#Confluence9.1releasenotes-Defaultencryption], and [here|https://confluence.atlassian.com/doc/confluence-home-and-other-important-directories-590259707.html].

            Kind regards,



            Michael Andreacchio
            Confluence Data Center Product Management
            {panel}
            Michael Andreacchio made changes -
            Fix Version/s New: 9.1.0 [ 108795 ]
            Resolution New: Fixed [ 1 ]
            Status Original: In Progress [ 3 ] New: Closed [ 6 ]
            Michael Andreacchio made changes -
            Link New: This issue relates to CONFSERVER-98153 [ CONFSERVER-98153 ]
            Byron Conroy made changes -
            Remote Link Original: This issue links to "Page (Confluence)" [ 951586 ]
            Byron Conroy made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 951758 ]
            Byron Conroy made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 951586 ]

              mandreacchio Michael Andreacchio
              nick@atlassian.com Nick Faiz [OLD] (Inactive)
              Votes:
              195 Vote for this issue
              Watchers:
              149 Start watching this issue

                Created:
                Updated:
                Resolved: