Cloud
Data Center 9.3
Versions

Secured secrets by default

Configuring Confluence Security

On this page

In this section

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Introduction

Confluence Data Center provides default secrets encryption, featuring AES encryption with a 256-bit key to safeguard configuration data. This enhancement ensures that secret information is secured using strong encryption standards, bolstering overall system security.

If you’re using Confluence 9.1 or earlier, this security feature isn’t available. See Secure a database password for your manual options, or consider upgrading.

Security Management

Confluence includes a suite of tooling for managing security configurations, including key management for your default secrets encryption.

See Security management for more information.

Secured Confluence secrets

By default, the following secrets are automatically secured.

  • System secrets (confluence.cfg.xml)

    • hibernate.connection.password (JDBC password)

    • confluence.cluster.authentication.secret (Hazelcast shared secret)

    • confluence.cluster.aws.access.key (AWS cluster join access key)

    • confluence.cluster.aws.secret.key (AWS cluster join secret key)

    • opensearch.password (OpenSearch password)

    • synchrony.service.authtoken (Synchrony auth token)

  • Plugin secrets

    • Mail Archiving password

    • Mail Server password

Last modified on Feb 4, 2025

Was this helpful?

Yes
No
Provide feedback about this article

In this section

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.