How are Edge passwords encrypted in Drupal portal?

Not applicable

Drupal portal communicates to Edge over Management APIs. The APIs are authenticated using username:password. This post here: https://community.apigee.com/questions/20460/where-are-the-edge-endpoint-credentials-stored-loc.html does a great job explaining some aspects of it. But leaves out couple of details. 1) What is the encryption format of the credentials? 2) Where are the private keys stored? 3) Any key rotation available to change private keys periodically?

Solved Solved
0 1 661
1 ACCEPTED SOLUTION

The encryption format is 256 bit AES with CBC encryption mode, using the Open SSL PHP extension.

Both the encrypted credentials and the key are stored in the root of the Drupal private filesystem as the files .apigee and .apigee.key. The Drupal private filesystem location is configurable, you can find out the location by logging in as an admin and going to Administration » Configuration » Media on the admin bar.

There isn't a way to change the private keys periodically.

View solution in original post

1 REPLY 1

The encryption format is 256 bit AES with CBC encryption mode, using the Open SSL PHP extension.

Both the encrypted credentials and the key are stored in the root of the Drupal private filesystem as the files .apigee and .apigee.key. The Drupal private filesystem location is configurable, you can find out the location by logging in as an admin and going to Administration » Configuration » Media on the admin bar.

There isn't a way to change the private keys periodically.