问题
The Corda database password is stored in the node.conf in plain text by default:
https://docs.corda.net/head/node-database.html
What options are available to avoid this?
e.g. can you use jasypt or store the value in an environment variable or a cloud vault system?
Are there samples/examples available?
回答1:
it is possible to override node.conf settings using Environment variables or JVM arguments, see here for more info: https://docs.corda.net/corda-configuration-file.html#overriding-values-from-node-conf
The Enterprise version of Corda also ships with a configuration obfuscator tool which can be used to encrypt settings: https://docs.corda.r3.com/tools-config-obfuscator.html
来源:https://stackoverflow.com/questions/57512712/what-options-are-there-to-protect-database-passwords-in-corda