In the parameters.yml file there is a parameter named secret which defaults to ThisTokenIsNotSoSecretChangeIt
but it should be changed to something else.
What happens if the value of this parameter is changed in production? Can it break anything?
When these values are sensitive and need to be kept private, you can safely store them by using Symfony's secrets management system - sometimes called a "vault". The Secrets system requires the Sodium PHP extension.
The secrets:generate-keys command provides a --rotate option to regenerate the cryptographic keys. Symfony will decrypt existing secrets with the old key, generate new cryptographic keys and re-encrypt secrets with the new key. In order to decrypt previous secrets, the developer must have the decryption key.
In other words, you can change the application behavior by changing which configuration files are loaded. That's the idea of Symfony's configuration environments. A typical Symfony application begins with three environments: dev (for local development), prod (for production servers) and test (for automated tests).
It does not break anything. Changing the value of the secret parameter from time to time is even considered a good practice, suggested by the official documentation:
http://symfony.com/doc/current/reference/configuration/framework.html#secret
The only thing to be aware of is:
However, keep in mind that changing this value will invalidate all signed URIs and Remember Me cookies. That's why, after changing this value, you should regenerate the application cache and log out all the application users.
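Why rotation invalidates signed URIs, shown as an added example that is not part of the original answer and not Symfony's own code: a simplified HMAC-SHA256 signer in which the `_hash` parameter name, the helper names and the example.test URL are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Simplified model of a URI signed with the application secret.
// Helper names and the "_hash" parameter are assumptions for this sketch.
function signUri(string $uri, string $secret): string
{
    $mac = base64_encode(hash_hmac('sha256', $uri, $secret, true));
    $sep = strpos($uri, '?') === false ? '?' : '&';
    return $uri . $sep . '_hash=' . rawurlencode($mac);
}

function checkUri(string $signedUri, string $secret): bool
{
    $pos = strrpos($signedUri, '_hash=');
    if ($pos === false || $pos === 0) {
        return false;                          // no signature present
    }
    $sep = $signedUri[$pos - 1];
    if ($sep !== '?' && $sep !== '&') {
        return false;                          // "_hash=" is not a parameter
    }
    $uri = substr($signedUri, 0, $pos - 1);    // URI as it was when signed
    $given = rawurldecode(substr($signedUri, $pos + 6));
    $expected = base64_encode(hash_hmac('sha256', $uri, $secret, true));
    return hash_equals($expected, $given);     // constant-time comparison
}

// Constructed sample values: the shipped default secret and a random replacement.
$oldSecret = 'ThisTokenIsNotSoSecretChangeIt';
$newSecret = bin2hex(random_bytes(32));

// A link issued before rotation, e.g. sent out in an e-mail.
$link = signUri('https://example.test/unsubscribe?user=42', $oldSecret);
$tampered = str_replace('user=42', 'user=43', $link);

var_dump([
    'old link, old secret'      => checkUri($link, $oldSecret),
    'tampered link, old secret' => checkUri($tampered, $oldSecret),
    'old link, new secret'      => checkUri($link, $newSecret),
    're-issued, new secret'     => checkUri(
        signUri('https://example.test/unsubscribe?user=42', $newSecret),
        $newSecret
    ),
]);
```

Links signed before the rotation fail the same check that rejects a tampered link, so anything already sent out has to be re-issued under the new secret.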