Keys are getting unprotected without using crypto.unprotect() from backend

Question

Hi,

I am giving encrypted keys in OSGI configuration, but keys are getting unprotected(decrypted) without using crypto. Unprotect () in backend. Can anyone please help me why this issue is happening.

aanchal-sikka · Accepted Answer

Hello @harinivr

Please refer to this blogs: https://www.nextrow.com/blog/adobe-experience-manager/crypto-support-in-aem-to-encrypt-decrypt-data

The encrypted value generated for the same plain-text string will differ from one AEM instance to another instance because keys are unique to each instance. Thus, its the AEM only who can encrypt and decrypt.

arunpatidar · Answer

Hi @harinivr
AEM provides a Configuration Plugin to decrypt configuration properties. This AEM Plugin will automatically decrypt and retrieve the clear text from osgi properties.

https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/encryption-support-for-configuration-properties.html?lang=en#decryption-support

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded