Master key load and retention in memory

JFrog Installation & Setup Documentation

Content Type
Installation & Setup

To improve security around the storage of the master key, from Artifactory version 7.29.7, JFrog supports loading the master key at startup and keeping it in memory. This is achieved by removing the master key from the file system by each application, after it was read by the application node during bootstrapping.


Before every restart, you will need to place the master.key file in the filesystem.

Remember to keep the master.key file in a separate, safe location.

To use this capability, do the following steps.

  1. Enable the master key removal by setting the flag to true.

  2. Fetch the master key and place it in the correct path on the application's file system whenever a new node is bootstrapped.

When the flag above is set to true:

  • The router removes the master.key file once each service is up and running.

  • Pipelines will not generate a master key and instead read the master key from the database.