Security - Update JWT Keys

[mike-webster]

Description

I accidentally checked in the private and public keys and pushed them up at one point. They have been deleted, but for security reasons we should generate new keys.

Related

• Right now, we have one set of credentials that get encrypted using one master key. This has it working for me and tony on our locals and in our production environment since we're still developing.
  • We will need to update the ENV variables via the heroku dashboard or CLI
  • The other issue here stopping us from fixing it correctly is Heroku + Rails 5.
    • The server needs the master key to decrypt the credentials. The master key can't be checked into the public repo or the credentials are no longer secure.
    • Can we have different keys/credential files for different environments? We have to... right?
• The ideal solution will be one we won't have to revisit in the future

[mike-webster]

instructions for how to generate the keys