Key Management

  • 2 months ago
  • 55 views
  • 0 comments

  • About 3 minutes to read

Plato leverages the ASP.NET Core Data Protection APIs to secure sensitive data stored within Plato.

The data protection APIs use private keys to encrypt & decrypt data. The generation, persistence & life cycle of these private keys is generally managed by the data protection system. For more information see Key Management in ASP.NET Core.

Local Development

When developing with Plato locally the data protection system will use the secret manager to store these private keys on the file system on your local development machine. You can ignore this article if your developing locally but will need to consider this once publishing to production.

Production

When deploying Plato to production you will need to choose were to store & persist your private keys. Please choose carefully as once set we would not suggest changing this location. Please continue reading for further details.

Why Persist Keys

Persisting your private keys will ensure if your IIS configuration changes or your application pool restarts your private keys don't change and data can successful be decrypted. If you don't persist your private keys if data is encrypted and your private keys change this data cannot be decrypted. This can lead to users being logged out unexpectedly or emails not sending.

Where should i store my key file

To ensure your private keys remain private and are never pushed into source control or accessible via a public URL we would strongly suggest storing your private keys outside of the Plato source code folder or the published Plato web site. Plato won't serve your key files by default however if the ASP.NET Core pipeline fails for any reason your key file could potentially be served by the static file handler and as such should never be included within your web site folder.

Persisting Keys via appsettings.json

To ease deployments Plato can persist your private keys within a secure key ring on the file system. This key ring can either be stored within a location on your web servers hard drive or a UNC share.

To configure Plato to store your key ring on the file system you'll need to edit the appsettings.json file within the root of your Plato web site and update the Plato\SecretsPath setting to include the full physical path to the folder were you would like to store your key ring. You can see an example below were we are storing our key ring to the "F:\Files\Secrets" path on the local file system...

appsettings.json

{
  "Plato": {
    "SecretsPath": "F:\\Files\\Secrets\\"
  }
}

Or optionally you can store keys on a UNC network share...

{
  "Plato": {
    "SecretsPath": "\\server\\share\\secrets\"
  }
}

If the configured folder does not exist Plato will attempt to create the folder. If no key ring already exists Plato will automatically generate a key ring and add random private keys. You will see a randomly named file pop up in the configured location as shown below...

keys.png

What information is protected by the data protection APIs

The data protected within Plato by the data protection APIs includes...

  • Authentication cookies - Persisted on the client
  • Email Settings - Persisted within the Plato database
  • API / Integration keys - Persisted within the Plato database

Sharing Keys (Wab Farms)

If you need to share keys we would suggest using a network share to store your private keys which is accessible from your web servers. You can configure the SecretsPath with a UNC network share as demonstrated above.

Azure Key Vault

We currently don't support storing your private keys within an Azure Key Vault. If you would like to add this please contribute. We are hoping to introduce this functionality in a future update. Stay tuned.

Can we improve this doc? Login or register to tell us how
Your Feedback
Cancel
In this doc