Reputation: 39
Encrypting MongoDB password
I'm using spring's mongo template to access my db, I was wondering if it is possible to encrypt asymmetrically the password usage such that i'll provide the DB the one key, and I'll have the other. (Encrypt only the authentication part, not the whole connection/data)
Thanks
Upvotes: 0
Views: 656
Answers (1)
Reputation: 3383
Sounds like you want x.509 authentication. Help on getting that setup is a little too broad for a single stack overflow question. There are various guides you can find with a Google search and for the nitty gritty details of what is happening under the hood and common issues I wrote a long blog post.
If you really don't want the encryption of the "whole connection" (and I would strongly encourage you to reconsider that since it is basically free) you can use on the NULL cipher suites with the SSL connection. Configuring the client to offer only NULL cipher suites (and getting the server to accept them) will, again, require more details on your specific setup.
HTH - Rob
P.S. Just to be clear the authentication messages in SSL are done "in the clear". The contents of the messages contain portions that are asymmetrically encrypted (challenges and pre-master secret) but the bulk of the handshake exchanges are in the clear.
Upvotes: 1
Related Questions
- How to encrypt Spring Boot application data in mongodb
- Encrypt password fields in mongodb
- Password encoding and decoding using Spring Security, Spring Boot and MongoDB
- encrypted database password MongoDb
- Spring Data read MongoDB password from a vault or other protected source
- MongoDB database encryption
- How to encrypt field in MongoDB
- encrypting mongo password in datasource definition using springboot
- How to encrypt mongo db password with jasypt?
- Spring Mongo template password encryption