[keycloak-dev] Private Keys in plain text in database

Stian Thorgersen sthorger at redhat.com
Thu Dec 1 04:09:14 EST 2016


https://issues.jboss.org/browse/KEYCLOAK-3445

Until we get around to solving that one you can use a Java keystore for the
keys or implement your own custom key provider.

On 1 December 2016 at 03:42, Muein Muzamil <shmuein+keycloak-dev at gmail.com>
wrote:

> Hi all,
>
> I noticed currently we are storing private keys in plain text in the
> database, our security team has raised some concerns on that, is there any
> way to encrypt these private keys before storing them in database?
>
> Regards,
> Muein
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>


More information about the keycloak-dev mailing list