Pega Chat application configuration files behavior incorrect
Pega Chat application configuration files accepts passwords for an account in Plain text. Requirement to know how to perform encryption on Pega Chat 7.4.2.
Steps to Reproduce
Implement Pega Chat.
A defect in Pegasystems’ code or rules.
Install the latest patch of Pega Chat 7.4.
Perform the following local-change:
- Set the isEncryptionEnabled flag to True on the config.json file to encrypt all the saved passwords.
- Configure the encryption of passwords in the config file by following the below steps
-Add an encryption enabled key to the environment - True/False (by default it is True for production)
-Add the key update: true in the object where the password resides
When the application bootstraps the passwords with update set to True, value is encrypted and the plain text value is replaced with the encrypted text value. The Update value is set to False. This causes the plain text password to get replaced by a new encrypted one.