Configuration file encryption

For extra security, Bulksign supports encrypting the settings.json configuration file. The encryption key is stored as a environmental variable named "BULKSIGN_SETTINGS_KEY"

Here are the steps to enable setings file encryption :

  • create a environment variable named BULKSIGN_SETTINGS_KEY (it can be per system or per user). If you have multiple accounts on the server, our recomandation is to make it per user and configure all Bulksign processes to run under that specific user.

  • set the desired encryption key (the encryption algorithm is AES so please make sure the key is the right length (128,256,512), you can use a key generator)

  • make a copy of the current settings.json file and keep it secure (further changes to settings will need to be done in this file).

  • use BulksingCli.exe to encrypt the current settings.json file

bulksigncli.exe encrypt

This will generate a file "settings.json.encrypted" in the BulksignCli folder. Replace the current settings.json file with the encrypted one.

  • you can also decrypt the current file by running :
bulksigncli.exe decrypt