Encrypting deployment files and passwords

Before you deploy your NexJ application to a production environment, you should help to secure it by encrypting your deployment files and passwords.

While you are developing your NexJ application, you might not yet need to secure sensitive information in your deployment. However, when you are ready to deploy your application, you will want to encrypt the deployment files and passwords. Encrypting files and passwords encodes their contents so that they cannot be read by unauthorized users.

The process to encrypt files and passwords in your deployment is typically as follows:
  1. Create a master password file using the NexJ Cipher Tool.
    Note: If you have previously generated a master password file for your deployment, you do not need to perform this step unless you have changed the encryption password.
  2. Encrypt your deployment files and passwords in NexJ Studio. Ensure that the encryption password matches the password in the master password file.
  3. Set up password encryption on your application servers.

When you encrypt a file or password, you specify a master password that is used to encrypt it. When an application server or user tries to access the encrypted files or passwords, they must provide the master password in order to decrypt the information.

You can give application servers and users access to encrypted files and passwords without providing them with the master password. To do this, you provide them with a master password file. A master password file is a type of key that allows anyone who possesses it to decrypt information that was encrypted using the corresponding master password.

You encrypt deployment files and their passwords in the Deployment layer in NexJ Studio.