Encryption Keys

Step-by-step instructions for generating a custom encryption key for use with Garnet

Secret keys are used to encrypt data your in Garnet using AES-256. Your encryption key must be 256 bits (32 bytes). To generate a random secret key, run:

openssl rand -hex 32

This ENCRYPTION_KEY must be passed to Garnet as an environment variable. One-click deploys automatically set a secure key for you, but deployments from source and using Docker currently require you to manually set this.

Please keep your encryption keys safe with you. Garnet never stores your encryption keys, and gives you full control over your data.

Generate Encryption key for Docker Compose setup

  1. First, run: openssl rand -hex 32. This will generate a new key for you. You'll need this in the next step.

  2. Open the docker-compose.yml file with the command: nano docker-compose.yml

  3. Substitute "<randomly-generated-256-bit-key>" for the key you got from the key generation command.

The ENCRYPTION_KEY: line will end up looking something like this (with your key, of course):

ENCRYPTION_KEY: "7d00b568c8226e78dd544cdf783de468f52cb092eaa88a0bd0ceda1b9a0f0197"