I want to encrypt sensitive data in application properties. I will use AES algorithm to encrypt/decrypt data. The key to decrypt will be stored in ENV variables, accessing this key requires the same privileges as modifying production application.
What do you think about this approach?
How do you protect sensitive data?
There are many ways:
This is really too broad of a topic for Stackoverflow and is not really specific to Spring Boot or anything in particular.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.