You are here

Encrypting properties

The alfresco-global.properties file (and other subsystem properties file) holds configuration properties that contain sensitive information or passwords, such as db.password. Use this information to encrypt any property using the Alfresco Encrypted Properties Management Tool.
This tool uses the RSA/ECB/PKCS1PADDING encryption algorithm.
Note: This functionality is not related to encrypted node properties or cryptographic password hashing.
Important: Boolean properties, number properties, and properties that contain expressions cannot be encrypted.

The values for some of the properties that may contain sensitive data (see the list below) is hidden from JMX whereas other values, including non-sensitive values are shown in JMX. The administrator can set new values for the security-sensitive properties in JMX but they can't see the old value.

Here is the list of protected attributes (the value for these will be masked in the JMX console and Admin Console UI):

  • alfresco.hazelcast.password
  • db.password
  • mail.password
  • solr.solrPassword
  • cryptodoc.jce.key.passwords
  • cryptodoc.jce.keystore.password
  • ldap.synchronization.java.naming.security.credentials

Sending feedback to the Alfresco documentation team

You don't appear to have JavaScript enabled in your browser. With JavaScript enabled, you can provide feedback to us using our simple form. Here are some instructions on how to enable JavaScript in your web browser.