Encryption

For configuration files, environment-related encryption/decryption keys are used. This means encrypted configuration data in one cloverleaf environment cannot be decrypted in another environment.

BOX creation and deployment performs these steps, that encrypted values in globalVariables.ini, or other files that have encrypted data, can be ported to other environments.

When creating a BOX, the system:

  1. Gets a copy of globalVariables.ini which contains all referenced variables.
  2. Decrypts the sensitive data with environment-related keys to get plain text values.
  3. Encrypts the plain text values with the public key, which is not environment-related.
  4. Saves the encrypted values into the ini file to BOX.

When deploying a BOX, the process is reversed, where the system:

  1. Reads globalVariables.ini from BOX.
  2. Decrypts the encrypted values with the public key into plain text.
  3. Displays the values in plain text on the user interface so that a user can modify it, if the correct password is provided.
  4. Encrypts the plain text values with the environment-related keys.
  5. Saves the encrypted values into the ini file of the target site.