In this example we will see how to encrypted database password in property file (application.properties or application.yml). We will use Jasypt library for this purpose.
Jasypt (Java Simplified Encryption) is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.
To know more about Jasypt, click here. Go to Jasypt website and download the latest version of jasypt client. I am using jasypt-1.9.2-dist.zip. Once downloaded extract the zip file and go to folder /jasypt-1.9.2/bin and execute the below command. Here input is your password or any other text that you want to encrypt and password is the secret key used by Jasypt to encode and decode the input.
encrypt.bat input="dummy_password" password="SECRET_KEY"
To know about encrypting from the command line using Jasypt CLI Tools. click here.
Add below maven dependency in your pom.xml file
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>2.1.1</version>
</dependency>
application.ymlJasypt (Java Simplified Encryption) is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.
To know more about Jasypt, click here. Go to Jasypt website and download the latest version of jasypt client. I am using jasypt-1.9.2-dist.zip. Once downloaded extract the zip file and go to folder /jasypt-1.9.2/bin and execute the below command. Here input is your password or any other text that you want to encrypt and password is the secret key used by Jasypt to encode and decode the input.
encrypt.bat input="dummy_password" password="SECRET_KEY"
To know about encrypting from the command line using Jasypt CLI Tools. click here.
Add below maven dependency in your pom.xml file
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>2.1.1</version>
</dependency>
Note - the encrypted password in parenthesis with keyword ENC
There are various options by which you can feed the SECRET_KEY to your application
- From java code you can set system property jasypt.encryptor.password as shown below. You can do this in a separate secure JAR file.
System.setProperty("jasypt.encryptor.password", "SECRET_KEY");
- From command line you can pass system properties
$ Java -Djasypt.encryptor.password=SECRET_KEY Application