The master.key

What are the artifactory.key & master.key and what are they used for?

AuthorFullName__c
Ariel Kabov
articleNumber
000004521
ft:sourceType
Salesforce
FirstPublishedDate
2019-08-11T06:36:47Z
lastModifiedDate
2019-08-11
VersionNumber
4
The master.key is an AES 128-Bit secret key, introduced in Artifactory 5.7.
By default the master.key file is automatically generated during the initial start-up of Artifactory. Optionally, you can generate one manually by running ‘openssl rand -hex 16’, which will output a 128-Bit key size (hexadecimal encoded). Place this key as $ARTIFACTORY_HOME/etc/security/master.key before starting Artifactory the first time.

Here is an example of a master.key file:
2672b66f91e12ff207d77cd34d94d997

One of the main usages of the master.key, is being a critical requirement when setting up a High Availability cluster of Artifactory. Without the master.key, you won’t be able to connect a node to an HA cluster.
The master.key is also being used to encrypt all configuration files that are saved in the DB (and synchronized between HA nodes), in addition to passwords saved on the filesystem ($ARTIFACTORY_HOME/etc/db.properties, as an example).
Moreover, all sensitive data managed by Access is also encrypted using the master.key, such as users’ encrypted passwords, API keys, etc.
Encrypted data will start with the string ‘JE’.

In case the master.key is lost, there is a procedure you can follow, which will delete it from the Artifactory DB, and will delete all of the data that is encrypted using it.