Hi, I am planning to use encrypted properties in my bundle configurations, e.g. for data source passwords, etc. I know I can put together the following Blueprint configuration to enable decrypting encrypted properties:
<blueprint dxmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"; xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0"; xmlns:enc="http://karaf.apache.org/xmlns/jasypt/v1.0.0";> <ext:property-placeholder> <ext:default-properties> ... </ext:default-properties> <ext:location>file:etc/my-encrypted.properties</ext:location> </ext:property-placeholder> <enc:property-placeholder> <enc:encryptor class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor"> <property name="config"> <bean class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig"> <property name="algorithm" value="PBEWithMD5AndDES"/> <property name="passwordEnvName" value="MY_ENCRYPTION_PASSWORD"/> </bean> </property> </enc:encryptor> </enc:property-placeholder> ... </blueprint> File "my-encrypted.properties" in /etc will have entries with some encrypted values, like this: some.property=ENC(encryptedbytes) I would also make sure that I install the /jasypt-encryption/ feature. Now, this may be a very simple question... What is the best way to obtain the encrypted value for the property in the way that would guarantee that the above configuration will decrypt properly at the time of the application deployment? Is there a simple Karaf/jasypt shell command I can run to encrypt the original plain text with my password using the specific algorithm? Or should I use the Jasypt utility outside Karaf? I can't find any examples. Would appreciate anyone providing some. -- View this message in context: http://karaf.922171.n3.nabble.com/Encrypting-values-for-properties-tp4033405.html Sent from the Karaf - User mailing list archive at Nabble.com.
