Configuration Encryption

The Broker is capable of encrypting passwords and other security items stored in the Broker's configuration. This means that items such as keystore/truststore passwords, JDBC passwords, and LDAP passwords can be stored in the configuration in a form that is difficult to read.

The Broker ships with an encryptor implementation called AESKeyFile. This uses a securely generated random 256-bit key (Java Cryptography Extension (JCE) Unlimited Strength required) to encrypt the secrets; the key is stored within a key file. Of course, the key itself must be guarded carefully, otherwise the passwords encrypted with it may be compromised. For this reason, the Broker requires that the file's permissions allow the file to be read exclusively by the user account used for running the Broker. If the keyfile is lost or corrupted, the secrets will be irrecoverable.

Configuration

To use AESKeyFile, first stop the Broker, then edit the Broker's configuration file ${QPID_WORK}/config.json. Insert a Broker attribute called confidentialConfigurationEncryptionProvider with value AESKeyFile. On restarting the Broker, it will generate a keyfile in location ${QPID_WORK}/.keys/. Any existing passwords contained within the configuration will be automatically encrypted, as will any new or changed ones in future.

Enabling password encryption
{
"id" : "3f183a59-abc3-40ad-8e14-0cac9de2cac4",
"name" : "${broker.name}",
"confidentialConfigurationEncryptionProvider" : "AESKeyFile",
....
}
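The following script is an added example, not part of the Broker's documentation or code base: it performs the configuration edit described above (setting confidentialConfigurationEncryptionProvider to AESKeyFile in config.json while the Broker is stopped) by parsing the JSON rather than patching text, keeps a backup, and then checks the ownership and mode of the files the Broker generates under ${QPID_WORK}/.keys/ against the property the page states, that the key file is readable only by the account running the Broker. The sample config.json content, the placeholder id, and the helper names (enable_aes_keyfile, enable_in_place, keyfile_problems, check_keys_dir) are constructed for this example.

```python
import json
import os
import stat

# Constructed sample of a minimal ${QPID_WORK}/config.json; the id is a
# placeholder, not a value from a real Broker installation.
SAMPLE_CONFIG = """{
  "id" : "00000000-0000-0000-0000-000000000000",
  "name" : "${broker.name}"
}"""

ATTRIBUTE = "confidentialConfigurationEncryptionProvider"
PROVIDER = "AESKeyFile"


def enable_aes_keyfile(config_text):
    """Return config.json text with the encryption provider attribute set.

    Parsing the JSON (instead of string surgery) means an attribute that is
    already present is updated rather than duplicated, and malformed JSON
    fails before anything is written back.
    """
    cfg = json.loads(config_text)
    if not isinstance(cfg, dict):
        raise ValueError("config.json top level must be a JSON object")
    cfg[ATTRIBUTE] = PROVIDER
    return json.dumps(cfg, indent=2) + "\n"


def enable_in_place(path):
    """Rewrite config.json at `path` atomically, keeping a .bak copy.

    Run this only while the Broker is stopped, as the page instructs.
    """
    with open(path, "r", encoding="utf-8") as fh:
        original = fh.read()
    updated = enable_aes_keyfile(original)
    with open(path + ".bak", "w", encoding="utf-8") as fh:
        fh.write(original)
    tmp = path + ".tmp"
    with open(tmp, "w", encoding="utf-8") as fh:
        fh.write(updated)
    os.replace(tmp, path)  # atomic rename: never a half-written config.json
    return updated


def keyfile_problems(path, expected_uid=None):
    """Return the reasons a key file is not adequately protected.

    An empty list means the file is owned by the expected account and has
    no group/other permission bits, i.e. only that account can read it.
    """
    if expected_uid is None:
        expected_uid = os.getuid()  # assume the checker runs as the Broker user
    problems = []
    st = os.stat(path)
    if st.st_uid != expected_uid:
        problems.append("owned by uid %d, expected %d" % (st.st_uid, expected_uid))
    mode = stat.S_IMODE(st.st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append("group/other permission bits set: mode %04o" % mode)
    return problems


def check_keys_dir(keys_dir, expected_uid=None):
    """Map every regular file under ${QPID_WORK}/.keys/ to its problem list."""
    report = {}
    for name in sorted(os.listdir(keys_dir)):
        full = os.path.join(keys_dir, name)
        if os.path.isfile(full):
            report[full] = keyfile_problems(full, expected_uid)
    return report


if __name__ == "__main__":
    print(enable_aes_keyfile(SAMPLE_CONFIG))
```

After the Broker has been restarted once and has generated its key file, run check_keys_dir on ${QPID_WORK}/.keys/ as the Broker's service account; any non-empty problem list indicates a key file that other accounts on the host could read, which defeats the purpose of the encryption.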
Note that passwords stored by Authentication Providers such as PlainPasswordFile, which keep the users' passwords in external password files, are not encrypted by the key. Use the Scram Authentication Managers instead; these make use of the Configuration Encryption when storing the users' passwords.

Alternate Implementations

If the AESKeyFile encryptor implementation does not meet the needs of the user, perhaps owing to the security standards of their institution, the ConfigurationSecretEncrypter interface is designed as an extension point. Users may write their own implementation of ConfigurationSecretEncrypter, perhaps to employ stronger encryption or to delegate the storage of the key to an Enterprise Password Safe.