It's possible to view passwords from protected certificated

[guitcastro]

As showed in the screenshot above, if I click in the eye icon I am able to see the password of a protected certificated.

[bitce]

Hi there!

As mentioned on Slack, this is intended. But it does raise a question about consistency regarding how secrets are protected, so thanks for bringing this to our attention!

[guitcastro]

Understood (although I think make more sense to keep it private). I'm trying using generic file storage as a workaround, but I cannot use the Download URL from the generic file storage because it's not a secret (even if is protected).

Do you have another suggestion? I am out of options here, This project I am working on is very sensitive, I cannot expose sensitive information.

[bitce]

I agree that you do have a point here. Well, there isn't anything I could recommend Viktor haven't already did on Slack 🙂How did editing the .yml directly go?

[guitcastro]

Sorry, I forgot do give the feedback to you. It worked!
Thanks for the help.

[bitce]

Awesome, great news! No worries, sure thing, ping us anytime! 😉