Where to store sensitive data in public rails app?

TLDR: Use environment variables! I think @Bryce’s comment offers an answer, which I’ll just flush out. It seems one approach Heroku recommends is to use environment variables to store sensitive information (API key strings, database passwords). So survey your code and see in which you have sensitive data. Then create environment variables (in your .bashrc … Read more

Invalid SSL certificate when pushing to Git server

Git for Windows has its own trust store of trusted certificates which is normally located in the file Git for Windows <=1.9: [Git installdir]\bin\curl-ca-bundle.crt (e.g., C:\Program Files (x86)\Git\bin\curl-ca-bundle.crt; configured by the key http.sslCAinfo in [Git installdir]\etc\gitconfig). Git for Windows >= 2.0: [Git installdir]\mingwXX\ssl\certs\ca-bundle.crt where XX stands for 32 or 64 (e.g., C:\Program Files\Git\mingw64\ssl\certs\ca-bundle.crt; configured by … Read more

Externalizing Grails Datasource configuration

You can use a properties file specified in the grails.config.locations as a way to externalize the datasource configuration. Below is how I typically set up a Grails project: In my DataSource.groovy I specify this for the production environment: …. …. production { dataSource { dbCreate = “update” driverClassName = “com.myorg.jdbcDriverNotExists” url = “” username = … Read more

Encrypting credentials in a WPF application

Here’s a summary of my blog post: How to store a password on Windows? You can use the Data Protection API and its .NET implementation (ProtectedData) to encrypt the password. Here’s an example: public static string Protect(string str) { byte[] entropy = Encoding.ASCII.GetBytes(Assembly.GetExecutingAssembly().FullName); byte[] data = Encoding.ASCII.GetBytes(str); string protectedData = Convert.ToBase64String(ProtectedData.Protect(data, entropy, DataProtectionScope.CurrentUser)); return protectedData; … Read more

Remove saved credentials from TortoiseGit

Normally the invalid credentials should be purged automatically (after one unsuccessful authentication attempt). Go to the Windows Credential Manager (press Windows and type “Credential Manager”, or go to Control Panel\User Accounts and Family Safety\Credential Manager or use Start->Run rundll32.exe keymgr.dll,KRShowKeyMgr), there all saved credentials should be listed (prefixed with git:). For ways to also remove … Read more

save PSCredential in the file

Update on non-Windows Platforms A lot has changed since this answer was first written. Modern versions of PowerShell are based on .net core, and run cross-platform. The underlying type that enables this whole answer is called [securestring] and the security and encryption that backs it comes from the Data Protection API (DPAPI) on Windows, which … Read more