Enable forced credential rotation in secrets-config utility [ossf silver]

[bnevis-i]

🚀 Feature Request

Relevant Package [REQUIRED]

secrets-config utility

Description [REQUIRED]

From OpenSSL silver badge requirements:
The project MUST support storing authentication credentials (such as passwords and dynamic tokens) and private cryptographic keys in files that are separate from other information (such as configuration files, databases, and logs), and permit users to update and replace them without code recompilation. If the project never processes authentication credentials and private cryptographic keys, select "not applicable" (N/A)

We are compliant with this requirement with the exception that we have no supported mechanism to force a credential rotation.

Describe the solution you'd like

Enhance the secrets-config utility to support forced credential rotation:

• Redis password
• MQTT password
• Vault master key?
• Consul tokens?
• JWT signature keys?