Summary: using GeoServer along with postgresql/postgis in Azure - wish to mitigate the risk of the file containing the secrets stored as plain text from being read - is it possible to store the secrets in the KeyStore instead?
Speaking with Ian Turton from Astun has suggested we raise this as a feature request.
Problem description:
We are trying to set up a connection to PostGIS in GeoServer without manual intervention or any type of post-deployment configuration.
Our GeoServer runs as a Docker container.
We have decided to store our configuration in source control.
We have a datastore.xml file, which has the following entry, which has been extracted from a configuration file after setting up the connection to PostGIS manually:
<entry key=“passwd”>crypt2:[some encrypted text here]</entry>
When we attempt to start geoserver with this configuration, we get the following error:
2020-02-24 13:28:26,382 WARN [org.geoserver] - Failed to load data store ‘PostGis’
com.thoughtworks.xstream.converters.ConversionException:
---- Debugging information ----
cause-exception : org.jasypt.exceptions.EncryptionOperationNotPossibleException
cause-message : null
class : org.geoserver.catalog.impl.DataStoreInfoImpl
required-type : org.geoserver.catalog.impl.DataStoreInfoImpl
converter-type : org.geoserver.config.util.XStreamPersister$StoreInfoConverter
line number : 40
version : 2.16.1
at com.thoughtworks.xstream.core.TreeUnmarshaller.convert(TreeUnmarshaller.java:77)
[…] long stack trace
We believe there is a key used for encryption, which is generated on the first run of GeoServer – we have looked at the value stored in geoserver.jceks, which in fact changes if we spin up another instance of GeoServer on the same machine (i.e. rebuild the Docker image and run again). This would be an issue if we scale out our number of container instances, as each instance will have their own unique key in geoserver.jceks.
Storing password in plain text as <entry key=“passwd”>plain:MySecretPassword</entry> works fine.
Any advice on how to progress with this? Have you got any suggestions/advice with regards to storing GeoServer PostGIS configuration in source control?
It was suggested to use a REST API to configure the connection after deployment, however we believe this is just going to store the password in plain text as well.
|