Skip to main content
Version: 7.0

Enabling Client-side Encryption

danger

Client-side encryption mode is fundamental; it cannot be enabled or disabled in an already running Passwork (this will result in being unable to open data).

Client-side encryption must be activated immediately after installing Passwork, before completing the Setup Wizard in the web interface. If at least one user is already registered in the system, Passwork will operate in server-side encryption mode, and the option to enable client-side encryption will become unavailable.

Docker

The standard Docker installation script includes an argument that allows enabling client-side encryption mode automatically.

Example of running the script with client-side encryption enabled:

./passwork_compose_install.sh -cse

Linux

The Passwork acquisition script includes an argument that allows enabling client-side encryption mode automatically.

Example of running the script with client-side encryption enabled:

./passwork.sh -cse

Windows Server

Create an additional configuration file .env.local in the root directory of Passwork (example: C:\inetpub\wwwroot\passwork) and add the following line to enable client-side encryption:

IS_CLIENT_SIDE_ENCRYPTION_ENABLED=1