Hi,
I’ve got a rather simple question (I hope) about the cookie encryption and its values. There are two values I have to set:
- xwiki.authentication.validationKey
- xwiki.authentication.encryptionKey
The comments in xwiki.cfg read
#-# Cookie encryption keys. You SHOULD replace these values with any random string,
#-# as long as the length is the same.
Does this mean
A) both of those values should have the same length (e.g. 32, 64 or whatever many characters)
or
B) both of these values should be no more and no less than 32 characters (like the examples given in the config)
I always understood it like option A and set two random strings which were both the same size, this is correct, no?
Thanks in advance!