Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add example to generate dm key (#19306) #19346

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion dm/dm-customized-secret-key.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ Before v8.0.0, [DM](/dm/dm-overview.md) uses a [fixed AES-256 secret key](https:

## Usage

1. Create a custom key file, which must contain a 64-character hexadecimal AES-256 secret key.
1. Create a custom key file, which must contain a 64-character hexadecimal AES-256 secret key. One way to generate this key is by calculating SHA256 checksum of random data, such as `head -n 256 /dev/urandom | sha256sum`.
2. In the DM-master [command-line flags](/dm/dm-command-line-flags.md) or [configuration file](/dm/dm-master-configuration-file.md), specify `secret-key-path` as the path of your custom key file.

## Upgrade from a version earlier than v8.0.0
Expand Down
2 changes: 1 addition & 1 deletion dm/dm-master-configuration-file.md
Original file line number Diff line number Diff line change
Expand Up @@ -59,4 +59,4 @@ This section introduces the configuration parameters of DM-master.
| `ssl-cert` | The path of the file that contains X509 certificate in PEM format for DM-master to connect with other components. |
| `ssl-key` | The path of the file that contains X509 key in PEM format for DM-master to connect with other components. |
| `cert-allowed-cn` | Common Name list. |
| `secret-key-path` | The file path of the secret key, which is used to encrypt and decrypt upstream and downstream passwords. The file must contain a 64-character hexadecimal AES-256 secret key. |
| `secret-key-path` | The file path of the secret key, which is used to encrypt and decrypt upstream and downstream passwords. The file must contain a 64-character hexadecimal AES-256 secret key. One way to generate this key is by calculating SHA256 checksum of random data, such as <code>head -n 256 /dev/urandom \| sha256sum</code>. For more information, see [Customize a secret key for DM encryption and decryption](/dm/dm-customized-secret-key.md). |
Loading