Date: Tue, 4 Sep 2018 20:51:49 -0400 From: Alejandro Imass <aimass@yabarana.com> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Credentials/keychain/keystore for server applications on FreeBSD? Message-ID: <CAHieY7THk%2BwsbuSmYe8BoWN%2BzuQOqX%2BM-FGLhBqOvptdfYXspA@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, Are there any tools that can store application credentials in encrypted form and then provide them to applications in a secure manner at runtime ? I=E2=80=99m looking for a generic tool that provides some sort of protocol = with timeouts etc. For example, a server application needs user and password for database access and can query this tool for them on startup exactly one time. Maybe the tool could control the number of times it gives out the credentials or timeout after a certain period (e.g. 2 minutes after reboot) Then would require authentication to open up the vault again. There must be a better way of managing all the disparate credentials that several applications may need in a secure way instead of storing these credentials in clear text in some config file which is what most people do.. maybe something like the JKS but generic to any type of app with some relatively secure protocol. TIA for any pointers or ideas. Alex
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHieY7THk%2BwsbuSmYe8BoWN%2BzuQOqX%2BM-FGLhBqOvptdfYXspA>