search cancel

password encryption in application.yml file on the cloudProxy

book

Article ID: 241376

calendar_today

Updated On:

Products

CA Application Performance Management SaaS

Issue/Introduction

The password encryption in application.yml file on the cloudProxy

The application.yml, we have four entries for the proxy settings:

apm.server.httpProxy.password: <password>
apm.server.httpProxy.host: <proxyHost>
apm.server.httpProxy.port: 8080
apm.server.httpProxy.username: caapm

Is it possible to have some kind of encryption on the password? The security group will not be comfortable with the password being stored in clear text in the config file.

 

Environment

Release : SAAS

Component : CLOUD PROXY EXTENSION

Resolution

According to the DEV/Product Management team, currently, the password encryption in application.yml file on the cloudProxy is not supported. At the moment, the DEV/Product Management team cannot take up this as an enhancement request.

The DEV/Product Management team has following suggestions on security.

Access rights should be set such that the config file is not visible/readable to/by other than trusted users.

File system encryption could also be considered as an additional mean to increase security.

We'd recommend the file security to be handled in line with the internal policies on your side.