When you are talking about the SA password are you talking about the System Administrator password associated to a MSSQL Database authentication stored in the dbconfig.xml?
If so there are a few approaches you can take covered in Encrypting database password which will redirect you to the following documentation for the desired option:
Do note however the info block on the Main article that indicates the following:
This solution is an obfuscation, which doesn’t assure real security. Jira still needs to use the plain text password to connect to your database, so the configuration will contain all the information needed to decrypt the password. An attacker could act like Jira to obtain the password. We recommend that you secure the server where Jira and the database reside.
While adding as many layers as possible to security is a Best practice, as noted the best form of security when password encryption is concerned is to encrypt the system at the server level and focus on additional security efforts such as SSL and firewall configurations into the base system where Jira is installed for the best results (i.e. Server security vs app security). Additional information on these approaches are covered in:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.