Page 1 of 1

Password in default.json stored in non-encrypted form

Posted: Tue Dec 03, 2019 3:09 am
by NI3
Hi Team,

Is there a way to keep passwords in default.json in encrypted form because plain non-encrypted password is a security risk for me. For e.g anyone can see password of my postgres and connect to my postgres db.

If there is any provision to store such sensitive data in encrypted form in default.json then please let me know. If there is no such thing, can we expect this logic in next release of DocumentServer?


Thank You.

Re: Password in default.json stored in non-encrypted form

Posted: Tue Dec 03, 2019 1:38 pm
by Carl
Hello,

There is no way to encrypt the content of Document Server configs. What do you mean by
For e.g anyone can see password of my postgres and connect to my postgres db.
?
You shouldn't provide access to your server to the users you don't trust.