arcus-azure / arcus.security

Security for Azure development in a breeze.
https://security.arcus-azure.net/
MIT License

Windows Credential Manager as Secret Store Option #150

Open GarthJL1965 opened 4 years ago

GarthJL1965 commented 4 years ago

What secret store are you interested in?

I'm very interested in using the Windows Credential Manager as a Secret Store Provider/Option - I successfully campaigned for this and used it at my last place of work - for C# Win32 Services in particular. I think we need to stipulate, we're talking about Windows XP+ here. A separate version could be made available for *nix, Mac 'KeyStores'.

What scenarios would it enable you?

1) A person who has access to the 'secret' can set it up on the deployment server using a) the standard Windows Credential Manager or b) a Utility with a pop-up GUI - in this situation the roles of developer/installer are divided

2) The Service/Application can have the code to create the required Secret in the Windows Credentials 'Store' built in (much as per (b) from point 1, called at (example) Service installation time) - as per (1), the secret need not be made available to the Developer, if roles/responsibilities etc are different (the lines in DevOps, DevSecOps blur some of this now)

More information

Because my previous code was 'commercial', I would need to re-do it for this - I'm happy to write & test the code, using C# & Win32 Interop
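
The read path this issue proposes, as an added C# example using Win32 interop; it is not code from the issue author or the Arcus project, and the names `WindowsCredentialReader` and `ReadSecret` are hypothetical. It assumes the secret was stored as a generic credential, for example through the standard Credential Manager UI.

```csharp
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using FILETIME = System.Runtime.InteropServices.ComTypes.FILETIME;

// Added example (hypothetical names): reads a generic credential that an
// operator stored in Windows Credential Manager.
public static class WindowsCredentialReader
{
    private const uint CRED_TYPE_GENERIC = 1;
    private const int ERROR_NOT_FOUND = 1168;

    // Mirrors the native CREDENTIALW layout; strings are kept as raw pointers
    // because the OS owns the buffer and frees it in CredFree.
    [StructLayout(LayoutKind.Sequential)]
    private struct CREDENTIAL
    {
        public uint Flags; public uint Type;
        public IntPtr TargetName; public IntPtr Comment;
        public FILETIME LastWritten;
        public uint CredentialBlobSize; public IntPtr CredentialBlob;
        public uint Persist;
        public uint AttributeCount; public IntPtr Attributes;
        public IntPtr TargetAlias; public IntPtr UserName;
    }

    [DllImport("advapi32.dll", EntryPoint = "CredReadW", CharSet = CharSet.Unicode, SetLastError = true)]
    private static extern bool CredRead(string target, uint type, uint flags, out IntPtr credential);

    [DllImport("advapi32.dll")]
    private static extern void CredFree(IntPtr buffer);

    // Returns null when no generic credential with that target name exists.
    public static string ReadSecret(string targetName)
    {
        if (!CredRead(targetName, CRED_TYPE_GENERIC, 0, out IntPtr handle))
        {
            int error = Marshal.GetLastWin32Error();
            if (error == ERROR_NOT_FOUND) return null;
            throw new Win32Exception(error);
        }
        try
        {
            var cred = Marshal.PtrToStructure<CREDENTIAL>(handle);
            if (cred.CredentialBlob == IntPtr.Zero || cred.CredentialBlobSize == 0) return string.Empty;
            // The Credential Manager UI stores the password as UTF-16 text.
            return Marshal.PtrToStringUni(cred.CredentialBlob, (int)cred.CredentialBlobSize / 2);
        }
        finally { CredFree(handle); } // always release the OS-allocated buffer
    }
}
```

Credential Manager entries belong to a single Windows user, so the secret has to be created under the same account the service runs as.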

tomkerkhove commented 4 years ago

Great to hear, are you open for contributing this?

GarthJL1965 commented 4 years ago

@tomkerkhove yes, I can contribute - I've found https://security.arcus-azure.net/features/secret-store/create-new-secret-provider. I'll get my head around the repo, code style, error handling etc in the next day or so

tomkerkhove commented 4 years ago

Sounds good, thanks!