Shared metadata key storage location

Community Feedback
1

Hi,

I just enabled the encrypted metadata on my Passbolt instance.
I generated the shared metadata key from the admin section but I wonder where is the key saved ?

Is it on the filesystem ? In this case, as I run Passbolt inside a Docker container, I guess I have to create a dedicated volume to prevent the loss of the key should the container be recreated.

Or is it stored in the database ?

Thanks by advance.

2

Hello @jonathan,

For personal records, the user key is used. For shared resources, the shared metadata key is used.
The shared metadata key is stored in the database, encrypted for each users using their user keys.

So backup wise, there is nothing special extra todo.

Cheers,

1 Like