Page Comparison

The encryption key used to encrypt the passwords is stored in the file called private.key located in the Weave folder (e.g. C:\weave\platform\workspace).

This file is generated the first time Weave starts and will be unique for each Weave instance, which means that encrypting the same password with different instances of Weave would result in different encrypted text.

This means that if you want to re-use the same configuration files on multiple Weave instances, for example development and production, then you need to either:

• Copy the private.key file from the server where the passwords were encrypted to the other server, so the encryption/decryption key is the same on both instances.
• Extract the passwords from being directly included in the XML and set them in a separate XML file that you include into your config and encrypt the passwords on both Weave instances and have the different passwords set in the password XML file.

Additionally, for extra security the permissions on that file should be set to only allow the users running the Weave instance to read the private.key file.