https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34976 --- Comment #8 from David Cook <dcook@prosentient.com.au> --- (In reply to Marcel de Rooy from comment #3)
Interesting question though would be: How would you get one key and not the others? And underlying, is koha-conf the best place to save them?
To answer this question... I don't think we have many options. If we don't store them in koha-conf.xml then we'd need to store them in plain text in some other file. Alternatively, we could add support for password vaults that store the crypto keys in a separate system to Koha, but that probably wouldn't be usable for most people out of the box. Could be worth keeping in mind while designing though. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.