genecommerce / module-encryption-key-manager

Tooling to help generate and invalidate Magento encryption keys
GNU Lesser General Public License v3.0

Uninstall of module questions #38

Closed lima195 closed 1 month ago

lima195 commented 1 month ago

Hi there,

I just wanted to check: if we generate the new key and invalidate the old one, and after a while uninstall the module, how would it affect the encrypted data in the database? Should we just remove the invalidated_key from env.php and uninstall the module?

Thanks.

convenient commented 1 month ago

The invalidated_key section from the env.php will be fine, just ignored by everything.

(Assuming you're fully patched) The biggest risk is all your media would begin to generate new cache entries because the customisations documented in the readme.md would not be in place. This will take a lot of processing power and disk space.

convenient commented 1 month ago

Does this answer your question? Can I close this issue or do you need further details?

lima195 commented 1 month ago

Well, kind of.

Just to make sure, if I ran everything and have this in my env.php:

'crypt' => [
        'key' => 'invalidpwecbVeGpoL3Jxa4PXEOdn1ej
2951b41e2b7f4c26e60a8e7ee00ca17b',
        'invalidated_key' => '84c9d7c0b305adf9ea7e19a05478bf11'
    ],

If I want now to remove the module, along with the module removal, I would need to change that section to be:

'crypt' => [
        'key' => '84c9d7c0b305adf9ea7e19a05478bf11
2951b41e2b7f4c26e60a8e7ee00ca17b'
    ],

And after importing the config and flushing caches, it would work? Or would the data in the admin be encrypted in a way that will break?

convenient commented 1 month ago

At the stage where you've completed all steps and invalidated all old keys everything will be complete.

The only part of the application that uses the old invalidated_key data is the https://github.com/genecommerce/module-encryption-key-manager/blob/master/Service/InvalidatedKeyHasher.php class, which prevents your media being regenerated.

At that point if you uninstall the module you will be secure, but you will then start regenerating your entire product media cache directory.

There is no need to further update env.php.
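As an added example (not part of this thread or of the module's code): a small PHP check that compares a proposed `crypt` section against the current one and reports any key listed under `invalidated_key` that would end up back in the `key` list, as in the edit asked about above. The function names are hypothetical, and it assumes keys within an entry are separated by newlines, one per slot; the sample values are the ones posted in this thread.

```php
<?php
// Added example, not part of the module. Sample values are those posted in the thread.

// Assumption: keys inside a crypt entry are separated by whitespace/newlines,
// one key per slot, so the order of the lines matters.
function keyList(array $crypt, string $entry): array
{
    return preg_split('/\s+/', trim((string)($crypt[$entry] ?? '')), -1, PREG_SPLIT_NO_EMPTY);
}

// Slots in $proposed['key'] holding a key that $current lists as invalidated.
function reactivatedSlots(array $current, array $proposed): array
{
    $invalidated = keyList($current, 'invalidated_key');
    $hits = [];
    foreach (keyList($proposed, 'key') as $slot => $key) {
        if (in_array($key, $invalidated, true)) {
            $hits[] = $slot;
        }
    }
    return $hits;
}

// env.php crypt section after running the module, as posted above.
$current = [
    'key' => "invalidpwecbVeGpoL3Jxa4PXEOdn1ej\n2951b41e2b7f4c26e60a8e7ee00ca17b",
    'invalidated_key' => '84c9d7c0b305adf9ea7e19a05478bf11',
];
// The edit asked about: old key moved back into 'key', 'invalidated_key' removed.
$proposed = [
    'key' => "84c9d7c0b305adf9ea7e19a05478bf11\n2951b41e2b7f4c26e60a8e7ee00ca17b",
];

foreach (['unchanged env.php' => $current, 'proposed edit' => $proposed] as $label => $crypt) {
    $slots = reactivatedSlots($current, $crypt);
    echo $label, ': ', $slots
        ? 'invalidated key back in the key list at slot ' . implode(', ', $slots)
        : 'no invalidated key in the key list', PHP_EOL;
}
```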

lima195 commented 1 month ago

Thank you.