Symfony News

New in Symfony 4.4: Encrypted Secrets Management

Tobias Schultze Jérémy Derussé Nicolas Grekas

Contributed by
Tobias Schultze, Jérémy Derussé Nicolas Grekas in #33997.

Storing sensitive application information (passwords, tokens, certificates, etc.) is a challenging task. You cannot rely on traditional configuration files and you cannot rely either on environment variables. That's why in Symfony 4.4 we've added a new encryption-based feature to manage secrets.

Imagine that you want to keep the entire DATABASE_URL content secret to avoid leaking the database connection credentials. This is how you can do that:

Step 1. Generate the keys used to encrypt/decrypt secrets (this feature is based on a traditional public-key cryptography and uses the libsodium library):

1
$ php bin/console secrets:generate-keys

This command generates a pair of keys in config/secrets/dev/ (or config/secrets/prod/). The public key is used to encrypt secrets and you should commit it to your shared repository. The private key should not be committed to the repository and should not be shared in any way.

Step 2. Upload the private key to your remote server using SSH or any other safe means and store it in the same config/secrets/<environment>/ directory.

Step 3. Create a new secret to store the contents of DATABASE_URL:

1
2
3
4
5
6
$ php bin/console secrets:set DATABASE_URL

 Please type the secret value:
 > **************

[OK] Secret "DATABASE_URL" encrypted in "config/secrets/dev/"; you can commit it.

Each secret is stored in its own file inside the config/secrets/<environment>/ directory. You can commit these files to the repository because their contents are not accessible unless you also have the private key.

Step 4. Update your application configuration to use this new secret as the value of the DATABASE_URL option:

1
2
3
4
5
# config/packages/doctrine.yaml
doctrine:
dbal:
    url: "%env(secret:DATABASE_URL)%"
    # ...

The only required change is to add the secret: env var processor to tell Symfony that this is an encrypted secret that must be decrypted before using it.

That's all! Repeat the steps 3 and 4 for all the configuration values that you want to turn into secrets. Use the other commands to complete the whole secret management experience: secrets:remove to delete secrets, secrets:list to show all the secrets managed by the application, generate-keys --rotate to change the existing keys by new ones and re-encrypt all secrets automatically, etc.

Be trained by Symfony experts - 2019-10-28 Berlin - 2019-10-28 Berlin - 2019-10-28 Lille


Source: https://symfony.com/blog

About us

What a Symfony developer should know about the framework: News, Jobs, Tweets, Events, Videos,...

Resources

Find us on Twitter

Find us on Facebook