#### Encryption at Rest
* [alpha] Encrypt secrets stored in etcd. For more information, see [Securing a Cluster](https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/) and [Encrypting data at rest](https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/).

#### Node Authorization

- The API server now re-uses data encryption keys while the kms v2 plugin's key ID is stable.  Data encryption keys are still randomly generated on server start but an atomic counter is used to prevent nonce collisions. ([#116155](https://github.com/kubernetes/kubernetes/pull/116155), [@enj](https://github.com/enj)) [SIG API Machinery, Auth and Testing]

		<property name="cookieKey">"fessRoles"</property>
		<property name="encryptedCookieValue">true</property>
		<property name="cipher">
			<component class="org.codelibs.core.crypto.CachedCipher">
				<property name="key">"1234567890123456"</property>
			</component>
		</property>
		<property name="valueSeparator">"\\n"</property>
		<property name="roleSeparator">","</property>
		 -->

- **Concurrent Utilities** (`org.codelibs.core.concurrent`) - Thread-safe collections and concurrency helpers using modern concurrent APIs
- **Crypto & Security** (`org.codelibs.core.crypto`, `org.codelibs.core.security`) - Basic cryptographic utilities, message digest operations, and secure random generation

        });

    }

    /**
     * Changes the password for a user identified by username.
     * Updates both the authentication manager and the database with the new encrypted password.
     *
     * @param username the username of the user
     * @param password the new password in plain text
     * @throws FessUserNotFoundException if the user is not found
     */

URLs are abstract:

search_engine.heartbeat_interval=10000

# Cipher algorithm used for encryption.
app.cipher.algorism=aes
# Secret key for encryption (change this value for production).
app.cipher.key=___change__me___
# Algorithm for digest calculation.
app.digest.algorism=sha256
# Regex pattern for properties to encrypt.
app.encrypt.property.pattern=.*password|.*key|.*token|.*secret

# Extension names for application customization.

 *
 *  * **A validity interval.** A certificate should not be used before its validity interval starts
 *    or after it ends.
 *
 *  * **A public key.** This cryptographic key is used for asymmetric encryption digital signatures.
 *    Note that the private key is not a part of the certificate!
 *
 *  * **A signature issued by another certificate's private key.** This mechanism allows a trusted

- New Metrics Added for Encryption Configuration Controller
  
  This release adds new metrics to the Encryption Configuration Controller to help monitor the automatic reloading of encryption configuration. The new metrics include:
  
  - `apiserver_encryption_config_controller_automatic_reload_failures_total`: Total number of failed automatic reloads of encryption configuration.

- `kube-apiserver` updated: