You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: documentation/guide-configuration.asciidoc
+10-2Lines changed: 10 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -169,7 +169,9 @@ In order to support encrypted passwords in spring-boot `application.properties`
169
169
----
170
170
This will smoothly integrate http://jasypt.org/[jasypt] into your https://projects.spring.io/spring-boot/[spring-boot] application. Read this https://apereo.atlassian.net/wiki/spaces/CASUM/pages/103261428/HOWTO+Use+Jasypt+to+encrypt+passwords+in+configuration+files[HOWTO] to learn how to encrypt and decrypt passwords using jasypt.
171
171
172
-
Here we give a simple example how to encypt and configure a secret value. Different algorithms can be used if perferred (e.g. `PBEWITHMD5ANDTRIPLEDES`). However, the default in jasypt is `PBEWITHHMACSHA512ANDAES_256` that provides strong encryption.
172
+
Next, we give a simple example how to encypt and configure a secret value.
173
+
We use the algorithm `PBEWITHHMACSHA512ANDAES_256` that provides strong encryption and is the default of `jasypt-spring-boot-starter`.
174
+
However, different algorithms can be used if perferred (e.g. `PBEWITHMD5ANDTRIPLEDES`).
Of course the master-password (`masterpassword`) and the actual password to encrypt (`secret`) are just examples.
197
199
Please replace them with reasonable strong passwords for your environment.
198
-
The entire line after the `OUTPUT` block is your encrypted secret.
200
+
Further, if you are using https://github.com/devonfw/ide[devonfw-ide] you can make your life much easier and just type:
201
+
```
202
+
devon jasypt encrypt
203
+
```
204
+
See https://github.com/devonfw/ide/blob/master/documentation/jasypt.asciidoc[jasypt commandlet] for details.
205
+
206
+
Now the entire line after the `OUTPUT` block is your encrypted secret.
199
207
It even contains some random salt so that multiple encryption invocations with the same parameters (`ARGUMENTS`) will produce a different `OUTPUT`.
200
208
201
209
The master-password can be configured on your target environment via the property `jasypt.encryptor.password`. As system properties given on the command-line are visible in the process list, we recommend to use an `config/application.yml` file only for this purpose (as we recommended to use `application.properties` for regular configs):
0 commit comments