Sensitive data stored in configuration files is encrypted using a master secret cryptographic key. A master secret is created using the create secret administration command (see the section called “secret target”). This command generates a random cryptographic shared secret and stores it in a user-specified key store file which is encrypted with a user-specified password.

Once a master secret key store has been created it can be used to encrypt sensitive data using the encrypt secret administration command. The generated encrypted data can then be pasted into configuration files that store sensitive data, for example passwords.

The master secret must be installed on a node to enable that node to decrypt sensitive data. This is done:

Once a master secret has been installed on a node, the node will use it to decrypt any encrypted data. Until a master secret has been provided to the node, any attempt to activate node configurations containing encrypted data will fail. A master secret cannot be changed after it has been installed on a node.