Obfuscation Key
secrets/obf_key
Specifies an obfuscation key which is used to decrypt the OBF:<data> type entries.
The obfuscation key is a passphrase which can be used to perform key derivation to generate the key used to decrypt obfuscated entries.
Example Steps:
An obfuscated entry can be generated with the following command which requires OpenSSL 1.1.1 or newer:
echo -n "<configuration entry>" | openssl enc -aes256
-pbkdf2 -pass pass:"<obfuscation key>" -md sha512
-base64
U2FsdGVkX19iBhlwc53+QkybjO6RjFHhSbz4VRudYHA=
This obfuscation key and obfuscated entry can be provided in the configuration YAML.
Property
| Name | Type | Constraints |
|---|---|---|
| obf_key | string |
Example
secrets:
obf_key: "<obfuscation key>"
# ...
identity:
oidc:
client_secret: "OBF:U2FsdGVkX19iBhlwc53+QkybjO6RjFHhSbz4VRudYHA="
Updated about 2 years ago