There is currently no way for users to rotate the cc.db_encryption_key.
We're going to schedule some work to look into ways to solve the problem
without downtime. Any input would be great, as well as info on other keys
that need attention.

Joseph Palermo
CF Runtime Team

On Thu, Jun 11, 2015 at 10:44 AM, Christopher B Ferris <chrisfer(a)us.ibm.com>
wrote:

We are also very interested in pursuing this capability.

Cheers,

Christopher Ferris
IBM Distinguished Engineer, CTO Open Cloud
IBM Software Group, Open Technologies
email: chrisfer(a)us.ibm.com
twitter: @christo4ferris
blog: http://thoughtsoncloud.com/index.php/author/cferris/
phone: +1 508 667 0402

[image: Inactive hide details for Mike Youngstrom ---06/11/2015 01:31:45
PM---There are a lot of Keys in my CF deployment manifest. I']Mike
Youngstrom ---06/11/2015 01:31:45 PM---There are a lot of Keys in my CF
deployment manifest. I'd like to be able to rotate them. Most of

From: Mike Youngstrom <youngm(a)gmail.com>
To: CF Developers Mailing List <cf-dev(a)lists.cloudfoundry.org>
Date: 06/11/2015 01:31 PM
Subject: [cf-dev] Key Rotation Strategies
Sent by: cf-dev-bounces(a)lists.cloudfoundry.org
------------------------------



There are a lot of Keys in my CF deployment manifest. I'd like to be able
to rotate them. Most of the keys I could probably just change in a
deployment but would cause some downtime or a service disruption. Others
like "cc.db_encryption_key" I have no idea how I'd rotate.

Any thoughts on key rotation for a CF deployment?

Mike
_______________________________________________
cf-dev mailing list
cf-dev(a)lists.cloudfoundry.org
https://lists.cloudfoundry.org/mailman/listinfo/cf-dev



_______________________________________________
cf-dev mailing list
cf-dev(a)lists.cloudfoundry.org
https://lists.cloudfoundry.org/mailman/listinfo/cf-dev