Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.

How Encrypt-Decrypt Data in AEM , Crypto Support ? | AEM Community Blog Seeding

Avatar

Administrator

BlogImage.jpg

How Encrypt-Decrypt Data in AEM , Crypto Support ? by Aemrules

Abstract

How to Use Crypto Support in AEM to Encrypt/Decrypt Data?


While working with AEM, The AEM dev-ops / developer team sometimes have a requirements to call third-party APIs/Services. Configurations related to these APIs/Services like username, passwords, client id/secrets, API keys are usually stored in a code repository in the form of OSGi configuration. This sensitive information should be stored encrypted rather than plain-text format.

This is possible through the OOTB AEM Crypto Support bundle. This bundle provides services for encrypting and decrypting the confidential/secured data through system-wide keys (hmac and master files).



What are the Features of Crypto Support?

Decryption happens at runtime.
No one can decrypt the data through the UI. There’s no UI to decrypt the encrypted data. So, the information remains secure.


What are hmac/master keys?

Encryption/decryption happens through keys (hmac and master files).
These keys get generated during the first startup of AEM instance.
In older versions of AEM (< 6.3), these files are stored under /etc/key but recent AEM versions have these files on the file system under crx-quickstart.
These keys are unique for every AEM instance.

Read Full Blog

How Encrypt-Decrypt Data in AEM , Crypto Support ?

Q&A

Please use this thread to ask the related questions.



Kautuk Sahni
0 Replies