Uploaded image for project: 'Kuali Rice Development'
  1. Kuali Rice Development
  2. KULRICE-3830

encryption.key is currently being included in common-config-defaults.xml

    Details

    • Type: Bug Fix
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.0.1.1
    • Component/s: Development
    • Labels:
      None

      Description

      We should not be including a default encryption.key value out of the box. What's going to happen is that most people aren't going to be aware of this value and will just use the default distributed value. This encryption will then be (essentially) useless if they are using a known default key.

      This is an impacting change because someone who upgrades would need to be sure to set encryption.key back to it's original value (if they didn't have it configured somewhere else).

      The easiest solution here will be to just remove it from common-config-defaults.xml and create a KRDOC jira to make sure we document this in the release notes for 1.0.1.1

        Attachments

          Issue Links

            Activity

            Hide
            ewestfal Eric Westfall added a comment -

            I made this change and tested it out to make sure things were working again. We'll see what the CI results say later tonight.

            Show
            ewestfal Eric Westfall added a comment - I made this change and tested it out to make sure things were working again. We'll see what the CI results say later tonight.

              People

              • Assignee:
                ewestfal Eric Westfall
                Reporter:
                ewestfal Eric Westfall
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: