In Spring Boot, you can conceal passwords in a properties file by utilizing the spring.config.encrypt.enabled
property. This property will allow you to encrypt sensitive data in your properties file, such as passwords. Here are the steps to conceal passwords:
Generate a secret key: You can generate a secret key using the keytool
command as shown below:
keytool -genkeypair -alias mykey -keyalg RSA -dname "CN=Web Server,OU=Unit,O=Organization,L=City,S=State,C=US" -keypass mypassword -keystore keystore.jks -storepass mystorepassword
Add the secret key to your application: You can add the secret key to your application by specifying the following in your application.properties
file:
encrypt.key-store.location=classpath:/keystore.jks
encrypt.key-store.password=mystorepassword
encrypt.key-store.alias=mykey
encrypt.key-store.secret=mykeypassword
This will specify the location of the keystore file and the password to access it. It will also specify the alias of the key to use and the password for that key.
Encrypt your password: You can now encrypt your password using the encrypt
command. For example, to encrypt the password mypassword
, you can use the following command:
java -jar myapp.jar --encrypt mypassword
This will encrypt the password using the secret key specified in your application.properties
file.
Use the encrypted password in your properties file: You can now use the encrypted password in your application.properties
file as shown below:
mail.password={cipher}encrypted_password
This will use the encrypted password in your application, and Spring Boot will automatically decrypt it using the secret key specified in your application.properties
file.
Asked: 2021-10-15 11:00:00 +0000
Seen: 7 times
Last updated: Aug 17 '21