Issue
-
Can we use Azure Key Vault with DB setup configuration in Liferay instead of having it in plain text in the properties file?
-
Is there any way to configure the DB in Liferay using Azure Key Vault?
-
How we can use Azure Key Vault to store the DB username and password and read it securely.
Environment
- Microsoft Azure Key Vault with Liferay DB
Resolution
- Microsoft recommends using Managed Identities for your Azure-hosted application to access Key Vault. This eliminates the need to store or expose credentials within your code, improving security.
-
For JDBC Driver 8.4.1 and later, the driver introduced the following connection properties:
"jdbc:sqlserver://<server>:<port>;encrypt=true;columnEncryptionSetting=Enabled;keyStoreAuthentication=KeyVaultManagedIdentity;"
Additional Information
- Please find the documentation on the following link: Use Azure Key Vault authentication with Managed Identities