When doing a clean install of Openfire 4.2.2 in our test environment, I’ve noticed that the database properties are no longer encrypted, despite having chosen Blowfish and an encryption password during setup.
It was working just fine in 4.1.3 and 4.1.6. The Openfire server is working as expected after installation and configuration, so it’s just the properties that aren’t encrypted which bothers me.
Am I missing something or doing something wrong during setup? Or is it a bug in 4.2.x?
- Found on Windows Server 2016 with SQL Server 2016 SP1
- Found on Windows Server 2012 R2 with SQL Server 2012 SP3
- Using LDAP integration to Active Directory domain
- Used Openfire 4.2.2 with bundled JRE. Tried both 32-bit and 64-bit versions, same error. And the same in 4.2.1 (64-bit, bundled JRE) as well.
- Default installation performed as a domain administrator
Edit: The database username/password properties in openfire.xml are encrypted, it is just the ones in the ofProperty table that are in plaintext.