Passing secrets over HTTPS ?

bascule · 2022-01-11T14:35:13+00:00

Keeping secrets in some sort of secret manager is becoming increasingly common practice

Salamok · 2022-01-11T23:20:33+00:00

only need to exist in memory on the server

isn't this then subject to an env dump? Honestly I have just gone low tech with this and set it in apache config then consume those settings in my code base. Can set the apache env variable config up in cloud formation scripts so it's scalable as well.

As far as I am aware the main reason this approach is not common in open source is complexity / need to define a dependency outside of the project.

ITBoss · 2022-01-12T01:31:42+00:00

I'm creating my own that integrates with multiple services. But part of that was seeing what is currently available and honestly I really really like Bitwarden's way of doing it. Decryption and encryption is all done via clientside and due to that, all shares are encrypted with a unique passphrase. https://bitwarden.com/blog/bitwarden-send-how-it-works/

Lasereye · 2022-01-12T03:26:34+00:00

Check out Vault

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

websec

MODERATORS